Security News > 2022 > April > AWS Lambda sees its first malware attack with Denonia, and we don’t know how it got there
AWS secures the underlying Lambda execution environment, yet it is up to the customer to secure the functions.
Cado Labs has exposed the first publicly known case of malware specifically designed to run in an AWS Lambda environment.
The mystery remains in this case as to how is the malware deployed in the AWS Lamba environments.
Cado Security has not identified any method yet but suspects it may be a matter of compromising AWS Access and secret keys then manually deploying the malware into the compromised AWS Lambda environments.
The AWS shared responsibility model applies to data protection in AWS Lambda, and it is responsible for protecting the global infrastructure that runs all of the AWS Cloud.
All the hardware used to access AWS Lamba should also always be up to date, and the operating system and software should be patched to lower the risk of being infected by malware while working with AWS. Disclosure: I work for Trend Micro, but the views expressed in this article are mine.
News URL
Related news
- Malware botnets exploit outdated D-Link routers in recent attacks (source)
- Ivanti zero-day attacks infected devices with custom malware (source)
- WP3.XYZ malware attacks add rogue admins to 5,000+ WordPress sites (source)
- IPany VPN breached in supply-chain attack to push custom malware (source)
- MintsLoader Delivers StealC Malware and BOINC in Targeted Cyber Attacks (source)
- Abandoned AWS S3 buckets can be reused in supply-chain attacks that would make SolarWinds look 'insignificant' (source)
- New “whoAMI” Attack Exploits AWS AMI Name Confusion for Remote Code Execution (source)