
Lucifer Monero mining malware can now scan and infect Linux systems

The authors of the Satan Monero mining malware, which is commonly known for affecting vulnerable Windows systems, have extended the botnet's capabilities to target Linux systems as well. Once a system is infected, the malware uses the device to mine Monero (XMR), a privacy-focused digital currency, by deploying an XMRig miner.

Monero mining malware attacks Linux systems

As Bleeping Computer reported on Wednesday, the new capability of the Lucifer Monero mining malware was discovered by cybersecurity researchers at NETSCOUT’s ATLAS Security Engineering & Response Team (ASERT). Originally, the botnet was dubbed Satan DDoS by its authors. However, researchers renamed it Lucifer DDoS to differentiate it from the Satan ransomware.

The researchers said it is a hybrid DDoS botnet commonly known for infecting Windows devices to mine cryptocurrency. When it was first discovered in May by Palo Alto Networks Unit 42 researchers, the malware used brute-forcing and weaponized exploits against vulnerabilities to deploy the XMRig miner on Windows systems.

However, the authors have upgraded this same Monero mining malware to scan and infect Linux systems as well. In addition, the malware can now steal credentials and escalate privileges on Windows systems. It can also carry out cryptojacking and TCP-, UDP-, and ICMP-based flooding attacks, said the researchers.

Systems at risk of DDoS attacks

The researchers at NETSCOUT further explained: 

“The fact that it can run on Linux-based systems means that it can potentially compromise and make use of high-performance, high-bandwidth servers in internet data centers (IDCs), with each node packing a larger punch in terms of DDoS attack capacity than is typical of most bots running on Windows or IoT-based Linux devices.”

Meanwhile, the cryptocurrency wallet associated with the malware had only $30 worth of Monero when it was initially spotted. The researchers believe that the authors of the malware are looking to mine more of the crypto from additional devices following the upgrade. However, Windows and Linux users can stay safe by adhering to certain security measures, such as applying OS security updates.
