• Menu
  • Skip to main content
  • Skip to primary sidebar

The Cyber Security News

Latest Cyber Security News

Header Right

  • Latest News
  • Vulnerabilities
  • Cloud Services
first malware targeting aws lambda serverless platform discovered

First Malware Targeting AWS Lambda Serverless Platform Discovered

You are here: Home / General Cyber Security News / First Malware Targeting AWS Lambda Serverless Platform Discovered
April 7, 2022

A 1st-of-its-kind malware concentrating on Amazon Web Services’ (AWS) Lambda serverless computing system has been learned in the wild.

Dubbed “Denonia” right after the name of the domain it communicates with, “the malware uses more recent tackle resolution approaches for command and control website traffic to evade regular detection measures and virtual network access controls,” Cado Labs researcher Matt Muir explained.

CyberSecurity

✔ Approved Seller From Our Partners
Mullvad VPN Discount

Protect your privacy by Mullvad VPN. Mullvad VPN is one of the famous brands in the security and privacy world. With Mullvad VPN you will not even be asked for your email address. No log policy, no data from you will be saved. Get your license key now from the official distributor of Mullvad with discount: SerialCart® (Limited Offer).

➤ Get Mullvad VPN with 12% Discount


The artifact analyzed by the cybersecurity organization was uploaded to the VirusTotal database on February 25, 2022, sporting the identify “python” and packaged as a 64-little bit ELF executable.

Nonetheless, the filename is a misnomer, as Denonia is programmed in Go and harbors a custom-made variant of the XMRig cryptocurrency mining computer software. That said, the manner of preliminary obtain is not known, while it is suspected it may possibly have involved the compromise of AWS Entry and Solution Keys.

One more noteworthy attribute of the malware is its use of DNS over HTTPS (DoH) for communicating with its command-and-control server (“gw.denonia[.]xyz”) by concealing the site visitors inside encrypted DNS queries.

CyberSecurity

Even so, “python” is not the only sample of Denonia unearthed so considerably, what with Cado Labs obtaining a 2nd sample (named “bc50541af8fe6239f0faa7c57a44d119.virus”) that was uploaded to VirusTotal on January 3, 2022.

“Whilst this initially sample is pretty innocuous in that it only runs crypto-mining computer software, it demonstrates how attackers are employing advanced cloud-particular expertise to exploit intricate cloud infrastructure, and is indicative of likely long run, far more nefarious attacks,” Muir mentioned.

Identified this short article appealing? Abide by THN on Facebook, Twitter  and LinkedIn to read a lot more distinctive content material we publish.


Some elements of this write-up are sourced from:
thehackernews.com

Previous Post: «hamas linked hackers targeting high ranking israelis using 'catfish' lures Hamas-linked Hackers Targeting High-Ranking Israelis Using ‘Catfish’ Lures
Next Post: Why the ECJ’s metadata ruling endangers the safety of women why the ecj's metadata ruling endangers the safety of women»

Reader Interactions

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Primary Sidebar

Report This Article

Recent Posts

  • Russian Turla Hackers Hijack Decade-Old Malware Infrastructure to Deploy New Backdoors
  • WhatsApp Unveils Proxy Support to Tackle Internet Censorship
  • Hackers Using CAPTCHA Bypass Tactics in Freejacking Campaign on GitHub
  • Blind Eagle Hacking Group Targets South America With New Tools
  • US Family Planning Non-Profit MFHS Confirms Ransomware Attack
  • Microsoft Reveals Tactics Used by 4 Ransomware Families Targeting macOS
  • Dridex Malware Now Attacking macOS Systems with Novel Infection Method
  • Cyber attacks on UK organisations surged 77% in 2022, new research finds
  • WhatsApp to combat internet blackouts with proxy server support
  • The IT Pro Podcast: Going passwordless

Copyright © TheCyberSecurity.News, All Rights Reserved.