Linux.Lady Trojan Turns Redis Servers to Mining Rigs

Gautham | August 14, 2016 | 4:30 pm
linux.lady

Linux.Lady Trojan Turns Redis Servers to Mining Rigs

Gautham | August 14, 2016 | 4:30 pm

Linux machine users beware! There is a new Trojan in town that can turn your devices into cryptocurrency mining rigs without your knowledge.

Discovered by the Russian cyber security firm Dr. Web, Linux.Lady (Linux.lady.1) is a Trojan built to target machines running on Linux operating system. The malicious software written in Go programming language is found to specifically affect servers running Redis NoSQL database. Once infected, Linux.Lady collects and transfers the information about the system to a command and control server. It is then found to download and execute a cryptocurrency mining software utility, turning the servers into cryptocurrency mining devices.

According to reports, there are currently over 30,000 Redis servers which are vulnerable to Linux.Lady. The program built using open source Go libraries freely available on GitHub is supported by another Trojan called Linux.Downloader.196.

Linux.Downloader.196 is responsible for downloading the main payload after the infection. Dr. Web’s analysis has shown Linux.Lady to send the following information to its command and control server over SSH.

  • Trojan’s version
  • Number of CPUs on the machine
  • Host’s name
  • Number of running processes
  • Name of the operating system
  • Family of the operating system
  • Host’s uptime

Linux.Lady makes itself at home by detecting the infected computer’s external IP. Once the IP is detected, it calculates the mask of the subnet External_ip\8 and connects to remote hosts using port 6379 which is commonly used by Redis.

Linux.Lady

The digital currency mined over infected systems by the Linux.Lady is occasionally sent to its “master’s” wallet. Redis has been known for security vulnerabilities and Linux.Lady exploits these vulnerabilities to infect other systems on the network as well.The security firm has advised network administrators to implement additional security mechanisms to prevent infection. Mining Bitcoin on computers in the current scenario is virtually impossible, but mining other altcoins is fairly easy and more economical. Information on the total amount of digital currency mined so far by infected systems is not yet available.

Ref: Dr. Web | Inquirer | Image: World News Daily Report
Tags: , , , , , , ,    

NewsBTC is a news service that covers bitcoin news, technical analysis & forecasts for bitcoin and other altcoins. Here at NewsBTC, we are dedicated to enlightening people all around the world about bitcoin and other cryptocurrencies. We cover news related to bitcoin exchanges, bitcoin mining and price forecasts for various virtual currencies.

Casinos

Choose from the top online casinos
in UK and enjoy the fun!

Read More  ›

We use cookies to give you the best online experience. By agreeing you accept the use of cookies in accordance with our cookie policy.