A new self-propagating malware called ‘Lucifer’ launches cryptojacking and DDoS attacks against Windows systems to mine Monero.
On June 24, security experts from Palo Alto Networks’ Unit 42 warned about malware that operates under the name “Lucifer”.
Lucifer is a hybrid of cryptojacking and DDoS malware that leverages old vulnerabilities on the Windows platform.
According to the study, after breaching a system's defenses, the attackers execute commands that launch DDoS attacks.
This allows them to install XMRig Miner, a Monero (XMR) mining app, to launch cryptojacking attacks.
Palo Alto Networks claims that a related Monero wallet has received 0.493527 XMR so far, which is approximately $32 at the time of publication.
The researchers provided some recommendations for avoiding the Lucifer malware:
“Applying the updates and patches to the affected software are strongly advised. The vulnerable software includes Rejetto HTTP File Server, Jenkins, Oracle Weblogic, Drupal, Apache Struts, Laravel framework, and Microsoft Windows. Strong passwords are also encouraged to prevent dictionary attacks.”