Self-Propagating Lucifer Malware Targets Windows Systems

2020-06-24 21:20

Security experts have identified a self-propagating malware, dubbed Lucifer, that targets Windows systems with cryptojacking and distributed denial-of-service attacks.

"Lucifer is a new hybrid of cryptojacking and DDoS malware variant that leverages old vulnerabilities to spread and perform malicious activities on Windows platforms," said researchers with Palo Alto Networks' Unit 42 team, on Wednesday in a blog post.

Other commands allow the malware to drop an XMRig miner and launch cryptojacking attacks, as well as collecting interface info and sending the miner status to the C2. Researchers say that as of Wednesday, the XMR wallet has paid 0.493527 XMR. The malware is also capable of self-propagation through various methods.

The attackers then resumed their campaign on June 11 with an upgraded version of the malware.

"While the vulnerabilities abused and attack tactics leveraged by this malware are nothing original, they once again deliver a message to all organizations, reminding them why it's utterly important to keep systems up-to-date whenever possible, eliminate weak credentials, and have a layer of defenses for assurance," stressed researchers.

News URL

https://threatpost.com/self-propagating-lucifer-malware-targets-windows-systems/156883/

#malware #windows

News URL

Related news