Skip to content

GREENGROUND

Daily Insights for a Smarter Tomorrow

Menu
  • Home
  • Medium
  • About Us
    • Mission
    • Contact Us
Menu

Linux users no longer safe from this up-and-coming DDoS botnet null

Posted on August 20, 2020 by Livio Andrea Acerbo

An up-and-coming DDoS botnet known for infecting Windows devices and using them to mine cryptocurrency has now been ported to Linux.

The malware behind the botnet has been given the name Satan DDoS by its creators but security researchers have taken to referring to its as Lucifer in order to avoid confusion with the Satan ransomware.

Lucifer was first discovered by researchers at Palo Alto Networks’ Unit 42 back in May and at the time, the malware was being used to deploy an XMRig miner on vulnerable Windows systems. The firm’s researchers began looking into the botnet after they discovered it while following multiple incidents involving the exploitation of a critical vulnerability in a component of the Laravel web framework which can lead to remote code execution.

The cybercriminals behind the botnet have already updated the capabilities of its Windows version to steal credentials and escalate privileges in addition to being able to mine for Monero using infected machines.

Lucifer Linux port

According to a new report from Netscout’s ATLAS Security Engineering & Response Team (ASERT), the Linux port of the Lucifer malware displays the same welcome message as its Windows counterpart.

The new Linux version of the malware has similar capabilities to the Windows variant and includes modules for cryptojacking and for launching TCP, UCP and ICMP-based flooding attacks. Linux devices infected with Lucifer can also be used in HTTP-based DDoS attacks.

In their report, Netscout’s researchers explained how Lucifer’s operators can utilize infected Linux systems to launch even larger DDoS attacks, saying:

“The fact that it can run on Linux-based systems means that it can potentially compromise and make use of high-performance, high-bandwidth servers in internet data centers (IDCs), with each node packing a larger punch in terms of DDoS attack capacity than is typical of most bots running on Windows or IoT-based Linux devices.”

By adding support for Linux, Lucifer’s operators will be able to add even more machines to their botnet which will allow it to mine for more cyrptocurrency using infected systems. 

Via BleepingComputer

social experiment by Livio Acerbo #greengroundit #techradar https://www.techradar.com/news/linux-users-no-longer-safe-from-this-up-and-coming-ddos-botnet

Share this:

  • Click to share on Facebook (Opens in new window) Facebook
  • Click to share on X (Opens in new window) X
  • Click to share on LinkedIn (Opens in new window) LinkedIn
  • Click to share on Tumblr (Opens in new window) Tumblr
  • Click to share on Mastodon (Opens in new window) Mastodon
  • More
  • Click to share on Reddit (Opens in new window) Reddit
  • Click to share on Pocket (Opens in new window) Pocket
  • Click to share on Telegram (Opens in new window) Telegram
  • Click to share on WhatsApp (Opens in new window) WhatsApp

Like this:

Like Loading...
Privacy & Cookies: This site uses cookies. By continuing to use this website, you agree to their use.
To find out more, including how to control cookies, see here: Cookie Policy
  • Twitter
  • Facebook
  • YouTube
  • Instagram
  • Telegram
©2025 GREENGROUND | WordPress Theme by Superbthemes.com
This website uses cookies
This website uses cookies to improve your experience. We'll assume you're ok with this, but you can opt-out if you wish.Accept Reject Read More
Privacy & Cookies Policy

Privacy Overview

This website uses cookies to improve your experience while you navigate through the website. Out of these, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may affect your browsing experience.
Necessary
Always Enabled
Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
Non-necessary
Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.
SAVE & ACCEPT
%d