Linux.Lady – The New Linux Malware Can Convert Linux Based PCs Into Crypto-Currency Miners

  • 305
  •  
  •  
  •  
  •  
  •  
  •  
  •  
    305
    Shares

Researchers have discovered a new malaware – Linux.Lady which converts Linux based PCs into Crypto-Currency miners. According to the Russia-based antivirus software retailer Dr. Web the malware is designed with Google’s Go programming language.

This malware possesses the ability to collect information about an infected computer and transfer it to the C&C server, download and launch a crypto-currency mining utility, and attack other computers on the network to install its own copy on them, according to Dr.Web

The Function Of The Malware :

  • It gains information about an infected computer and sends it to the C&C server (command and control).
  • It downloads and launches a crypto-currency mining program after receiving a configuration file from the C&C server.
  • Searches for other computers on the network to install another copy of the cryptocurrency miner program and looks for Monero – a type of cryptocurrency.

However this malware affects the misconfigured Redis database servers that haven’t been secured with a password. Reportedly, there are roughly 30,000 such servers operating online at the moment.

After performing the functions the Linux.Downloader.196 script is downloaded on the machine in order to further download the key payload and then Linux.Lady sends out the system’s data to the C&C server.

libs

 

 

The following two tabs change content below.

William Fieldhouse

I currently work full time as a penetration tester and have been involved within the IT security industry for over a decade. I also love to pioneer any forms of new technology and ideologies for future advancements. Feel free to contact me at [email protected]

William Fieldhouse

I currently work full time as a penetration tester and have been involved within the IT security industry for over a decade. I also love to pioneer any forms of new technology and ideologies for future advancements. Feel free to contact me at [email protected]

Leave a Reply