A new Trojan named Linux.Lady has been discovered. It is said to target Linux servers that run the Redis NoSQL database.

This is happening because of insecure configurations by sysadmins and a general lack of security in Redis. More servers are becoming vulnerable to this attack; up to 30,000 Redis servers are now exposed. The malware takes over these vulnerable servers and turns them into Bitcoin miners.

Redis is a NoSQL database system that stores data in key-value format. It uses an in-memory system for data handling and subsequent queries. The malware was discovered by the Russian antivirus firm Dr.Web. It is written in Google's Go programming language and relies on open-source Go libraries hosted on GitHub. Being self-propagating, Linux.Lady can infect other computers on the network.

How does the Trojan operate?

After the initial infection, Linux.Lady uses another Trojan, Linux.Downloader.196, to download the main payload. Once this has been installed, Linux.Lady sends basic information about the compromised system to the C&C (command and control) server over SSH. The information sent by the Trojan includes the Trojan's version, the number of CPUs on the machine, the host's name, the number of running processes, the name of the operating system, the family of the operating system and the host's uptime, among others. The C&C server then sends back a configuration file based on the received information, which starts the Bitcoin mining process on the infected computer.

Note: Linux.Lady does not exploit any Linux flaw when targeting Linux systems.

The security of Redis databases has been repeatedly criticized in security reports. To defend against Linux.Lady, system administrators are advised to enable the security mechanisms that add extra protection to their systems.
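The insecure configuration the article refers to is, in practice, a Redis instance listening on every interface with no password and no protected mode, so that anyone who can reach port 6379 can issue commands. The following audit script is an added example written for this page, not code from the article or from Dr.Web or the Redis project. It parses a redis.conf, flags the settings that leave an instance open, and compares a constructed weak configuration against a constructed hardened one. The directive names (bind, protected-mode, requirepass, rename-command) are real Redis configuration directives; the 16-character passphrase threshold and the list of commands worth renaming are this example's own choices.

```python
"""Audit a redis.conf for the settings that leave an instance open to
unauthenticated remote clients (example code, not from the article)."""

# Commands this example expects to be renamed/disabled; the choice is ours.
DANGEROUS_COMMANDS = ("CONFIG", "FLUSHALL", "FLUSHDB", "DEBUG")

# Constructed sample: the kind of default-ish config that leaves Redis exposed.
WEAK_CONF = """\
# constructed sample: no bind, protected-mode off, no password
port 6379
protected-mode no
daemonize yes
"""

# Constructed sample: the same instance restricted to local, authenticated clients.
HARDENED_CONF = """\
# constructed sample: loopback only, protected mode, long passphrase, no admin commands
port 6379
bind 127.0.0.1 ::1
protected-mode yes
requirepass Example-Long-Passphrase-Change-Me-42
rename-command CONFIG ""
rename-command FLUSHALL ""
rename-command FLUSHDB ""
rename-command DEBUG ""
daemonize yes
"""


def parse_conf(text):
    """Return a list of (directive, args) tuples, skipping comments and blanks."""
    entries = []
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        parts = line.split()
        entries.append((parts[0].lower(), parts[1:]))
    return entries


def audit(text):
    """Return a list of finding strings for the given redis.conf text.

    An empty list means none of the checked weaknesses were found.
    """
    directives = {}
    renamed = set()
    for name, args in parse_conf(text):
        if name == "rename-command" and args:
            renamed.add(args[0].upper())  # 'rename-command X ""' disables X
        else:
            directives[name] = args  # last occurrence wins, as in Redis

    findings = []

    # No bind line means Redis listens on every interface, as does 0.0.0.0 / *.
    bind = directives.get("bind")
    if bind is None or any(a in ("0.0.0.0", "*", "::") for a in bind):
        findings.append("bind: listens on all interfaces (no bind or bind 0.0.0.0)")

    # protected-mode defaults to yes in Redis 3.2+; only an explicit 'no' is flagged.
    pm = directives.get("protected-mode", ["yes"])
    if pm and pm[0].lower() == "no":
        findings.append("protected-mode: disabled")

    # requirepass absent, empty, or shorter than our 16-char threshold.
    pw = directives.get("requirepass")
    if not pw or pw[0] in ('""', "''") or len(pw[0]) < 16:
        findings.append("requirepass: missing or weak")

    # Administrative commands still reachable under their default names.
    for cmd in DANGEROUS_COMMANDS:
        if cmd not in renamed:
            findings.append(f"rename-command: {cmd} still reachable by its default name")

    return findings


if __name__ == "__main__":
    for label, conf in (("weak", WEAK_CONF), ("hardened", HARDENED_CONF)):
        print(f"{label}: {audit(conf) or ['no findings']}")
```

Run it against a real file with `audit(open("/etc/redis/redis.conf").read())`. Binding to loopback is the single change that most directly removes the exposure described above; the password and renamed commands are defence in depth for the case where the port must be reachable from other hosts. On Redis 6 and later, ACLs are the preferred way to restrict commands, but rename-command is still honoured and is what an older deployment from this era would have available.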
