Researchers have discovered a new malaware – Linux.Lady which converts Linux based PCs into Crypto-Currency miners. According to the Russia-based antivirus software retailer Dr. Web the malware is designed with Google’s Go programming language.
This malware possesses the ability to collect information about an infected computer and transfer it to the C&C server, download and launch a crypto-currency mining utility, and attack other computers on the network to install its own copy on them, according to Dr.Web
The Function Of The Malware :
- It gains information about an infected computer and sends it to the C&C server (command and control).
- It downloads and launches a crypto-currency mining program after receiving a configuration file from the C&C server.
- Searches for other computers on the network to install another copy of the cryptocurrency miner program and looks for Monero – a type of cryptocurrency.
However this malware affects the misconfigured Redis database servers that haven’t been secured with a password. Reportedly, there are roughly 30,000 such servers operating online at the moment.
After performing the functions the Linux.Downloader.196 script is downloaded on the machine in order to further download the key payload and then Linux.Lady sends out the system’s data to the C&C server.