Wednesday, May 8, 2024

Lucifer Malware: Windows Vulnerabilities for Cryptomining

In the news: the Lucifer malware leverages Windows vulnerabilities for cryptomining and DDoS attacks carried out by the threat actor.

Cryptomining has grown in popularity as a way to generate revenue, and various threat actors have been attempting illegitimate mining on their victims' infrastructure, along with several other malicious activities in parallel. Recently, a malware was used to target victims for cryptomining as well as DDoS attacks.

Whole Campaigns

Palo Alto Networks' Unit 42 team said that they identified two versions of the Lucifer malware, which took advantage of known vulnerabilities to infiltrate target systems and perform malicious activities on them.

  • The self-propagating hybrid malware variant, dubbed Lucifer, leverages known vulnerabilities to spread and perform malicious activities on the platform, such as cryptojacking and distributed denial-of-service (DDoS) attacks.
  • The Lucifer malware targets the Rejetto HTTP File Server (CVE-2017-6287), Microsoft Windows (CVE-2017-0144, CVE-2017-0145, and CVE-2017-8464), Oracle WebLogic (CVE-2017-10271), Apache Struts (CVE-2017-9791), ThinkPHP RCE (CVE-2018-20062), and the Laravel Framework (CVE-2019-9081).
  • In addition to brute-forcing credentials, the malware dropped the XMRig miner for cryptojacking Monero and used the EternalBlue, EternalRomance, and DoublePulsar backdoor exploits against vulnerable targets for internet infections.

 

Cryptojacking Campaigns

Cryptojacking is on the rise, and hackers frequently use it to compromise computer resources for crypto-mining.

  • A Monero cryptocurrency-mining campaign called Blue Mockingbird exploited a deserialization vulnerability (CVE-2019-18935) in unpatched versions of Telerik UI for ASP.NET. It deployed the XMRig Monero-mining payload in dynamic-link library form on Windows systems (May 2020).
  • The Victory Gate botnet used USB drives as its propagation mechanism and deployed auto and XMRig on infected machines for crypto mining.

What We Need 

To stay safe, apply updates and patches for all deployed software, firmware, and operating systems as soon as you can. Users should use browser extensions that block crypto miners across the web, and a trusted ad blocker that detects and blocks malicious crypto-mining code embedded in online ads.


Bipin Choudhary (https://vednam.com)
Bipin has been a passionate blogger for several years. He is a Cyber Security Enthusiast, Security Blogger, Technical Writer. He is always eager to know everything about the latest technology development and advancement. Author @ Vednam
