A Linux Trojan written entirely in Googles ‘Go’ programming language is infecting computers and installing programs that mine for cryptocurrencies.
The malware, known as ‘Linux.Lady.1’ consists entirely of libraries published on the GitHub repository and although researchers at Russian cybersecurity firm Doctor Web said they had encountered Go Trojans before, it was not common to find them in the wild.
It then receives a configuration file that downloads the cryptocurrency mining application and a special website that can be used to determine the external IP of the system.
This is used to infect other machines on the network and to generate income by mining the ‘Moreno’ currency, which is then sent to a digital wallet.
The exploit makes use of misconfigured REmote DIctionary Server (Redis) NoSQL servers which do not have passwords or other security mechanisms enabled by default. This allows the malware to spread.
This is because the open source project, previously backed by the likes of VMware and Pivotal, prioritises performance and so end users must enable such features for protection.
According to a Risk Based Security report, as many as 30,239 Redis servers are found on search engine Shodan and 6,338 installations are compromised, dating back to version 1.2. The current stable release is 3.2.1, meaning significant numbers are vulnerable for exploitation.
German foreign minister warns Russia will face consequences for “absolutely intolerable” cyberattack on ruling party,…
Google is reportedly laying off at least 200 staff from its “Core” organisation, including key…
Investor appeasement? Apple unveils huge $110 billion share buyback program, as sales of iPhone decline…
Tesla retreats from pioneering gigacasting manufacturing process, amid cost cutting and challenges at EV giant
No skynet please. After the US, UK and France pledge human only control of nuclear…
Microsoft's AI investments continue in south east Asia, after investments in Japan, Malaysia, Indonesia, as…