Security News > 2022 > April > New malware targets serverless AWS Lambda with cryptominers

New malware targets serverless AWS Lambda with cryptominers
2022-04-07 18:58

Security researchers have discovered the first malware specifically developed to target Amazon Web Services Lambda cloud environments with cryptominers.

AWS Lambda is a serverless computing platform for running code from hundreds of AWS services and software as a service apps without managing servers.

"Under the AWS Shared Responsibility model, AWS secures the underlying Lambda execution environment but it is up to the customer to secure functions themselves," the researchers added.

While Denonia has been clearly designed to target AWS Lambda since it checks for Lambda environment variables before execution, Cado Security also found that it can run without issues on at least some Linux systems.

"Despite the presence of this, we discovered during dynamic analysis that the sample will happily continue execution outside a Lambda environment," the researchers said.

"We suspect this is likely due to Lambda"serverless" environments using Linux under the hood, so the malware believed it was being run in Lambda despite being run in our sandbox.


News URL

https://www.bleepingcomputer.com/news/security/new-malware-targets-serverless-aws-lambda-with-cryptominers/