Security News > 2022 > April > AWS Lambda sees its first malware attack with Denonia, and we don’t know how it got there
AWS secures the underlying Lambda execution environment, yet it is up to the customer to secure the functions.
Cado Labs has exposed the first publicly known case of malware specifically designed to run in an AWS Lambda environment.
The mystery remains in this case as to how is the malware deployed in the AWS Lamba environments.
Cado Security has not identified any method yet but suspects it may be a matter of compromising AWS Access and secret keys then manually deploying the malware into the compromised AWS Lambda environments.
The AWS shared responsibility model applies to data protection in AWS Lambda, and it is responsible for protecting the global infrastructure that runs all of the AWS Cloud.
All the hardware used to access AWS Lamba should also always be up to date, and the operating system and software should be patched to lower the risk of being infected by malware while working with AWS. Disclosure: I work for Trend Micro, but the views expressed in this article are mine.
News URL
Related news
- Astaroth Banking Malware Resurfaces in Brazil via Spear-Phishing Attack (source)
- VEILDrive Attack Exploits Microsoft Services to Evade Detection and Distribute Malware (source)
- Iranian Hackers Use "Dream Job" Lures to Deploy SnailResin Malware in Aerospace Attacks (source)
- Iranian Hackers Deploy WezRat Malware in Attacks Targeting Israeli Organizations (source)