According to a new report published by the antivirus company Doctor Web, a Go-Based Linux Trojan, Dubbed Linux.Lady.1, is exploited by cyber criminals for cryptocurrency mining.
“Doctor Web analysts have detected and examined a new Linux Trojan which is able to run a cryptocurrency mining program on an infected computer. Its key feature lies in the fact that it is written in Go, a language developed by Google.” states the report published by Doctor Web.
The Linux.Lady Linux Trojan is written in Google’s Go programming language and it uses various libraries that are available on GitHub. Go was introduced by Google in 2009, the use of the Go programming language to develop a malicious code is not a novelty, it was first used with the intent of creating malware in 2012 despite it isn’t so popular in the vxer community.
When the Linux.Lady infects a system, it gathers information on the system, including the Linux operating system version, the number of CPUs and processes.
Once collected info on the infected host, the malware sent it back to a command and control (C&C) server, which in turn provides a configuration file for downloading a cryptocurrency mining application.
The sample of Linux.Lady analyzed by Doctor Web was mining a cryptocurrency namedMonero.
Another interesting feature implemented in the Linux.Lady allows the malware to spread to other Linux computers on the infected network.
Mining activities are a profitable business for cyber criminals that exploits victims’ computational resources to make money.
“Doctor Web analysts have detected and examined a new Linux Trojan which is able to run a cryptocurrency mining program on an infected computer. Its key feature lies in the fact that it is written in Go, a language developed by Google.” states the report published by Doctor Web.
The Linux.Lady Linux Trojan is written in Google’s Go programming language and it uses various libraries that are available on GitHub. Go was introduced by Google in 2009, the use of the Go programming language to develop a malicious code is not a novelty, it was first used with the intent of creating malware in 2012 despite it isn’t so popular in the vxer community.
When the Linux.Lady infects a system, it gathers information on the system, including the Linux operating system version, the number of CPUs and processes.
Once collected info on the infected host, the malware sent it back to a command and control (C&C) server, which in turn provides a configuration file for downloading a cryptocurrency mining application.
The sample of Linux.Lady analyzed by Doctor Web was mining a cryptocurrency namedMonero.
Another interesting feature implemented in the Linux.Lady allows the malware to spread to other Linux computers on the infected network.
Mining activities are a profitable business for cyber criminals that exploits victims’ computational resources to make money.
No comments:
Post a Comment