Vulnerable Windows Devices Are Being Taken Advantage Of To Spread The Lucifer Malware
A new botnet has been exploiting numerous highly critical vulnerabilities in computer systems running Windows, turning them into cryptocurrency miners and using them to take part in DDoS attacks.
Security researchers have given the malware behind the botnet the name Satan DDoS, but most of them refer to it as Lucifer, since there is already ransomware called Satan and they don't want to create confusion about which one is which.
What Is The Lucifer Malware?
Unit 42 of Palo Alto Networks started to look into the botnet after its security researchers found it while investigating a few incidents involving the exploitation of a critical vulnerability in the Laravel web framework that could lead to remote code execution.
In the beginning, people believed that the Lucifer malware was used to turn infected systems into Monero cryptocurrency miners. After a while, though, it became clear that the malware also had a DDoS function and spread itself to other systems.
How was it spreading itself onto other systems? It used brute-forcing as well as multiple highly-critical vulnerabilities to its advantage.
A Deeper Look Into The Lucifer Malware
Unit 42 wrote a blog post that gave more details on everything that the Lucifer malware could do and how powerful it truly is.
According to the blog post, Lucifer malware has powerful capabilities. It can drop XMRig to carry out cryptojacking for Monero. It also has a command and control operation, and it self-propagates by exploiting many vulnerabilities and brute-forcing credentials.
The Lucifer malware can also drop and run DoublePulsar, EternalRomance, and EternalBlue backdoors against vulnerable systems so that it can infect other systems on the same network.
Lucifer's operators have taken almost a dozen individual vulnerabilities and crafted exploits to use against them, but all of these vulnerabilities have been fixed. However, cybercriminals will usually take advantage of older vulnerabilities so they can target users who haven't yet applied the latest updates and patches to their systems.
The Lucifer malware's latest version comes with an anti-analysis protection feature that lets it check the name of the user and computer that it has infected before it carries out its mission. If it finds any names that match with any analysis environments, then it will stop in its tracks.
To stay protected from the Lucifer malware, it would help if businesses and individuals updated their systems and software. A strong password will also help significantly, since it makes brute-forcing your credentials more difficult for cybercriminals.
Researchers at Palo Alto's Unit 42 team analyse Lucifer, a cryptominer-DDoS malware hybrid https://t.co/I4fKJ4vOjU pic.twitter.com/WwEdnGvPon — Virus Bulletin (@virusbtn) June 25, 2020