New cryptomining malware discovered
Security researchers have discovered a new cryptomining campaign called Lucifer that targets Apache and in particular the software libraries Hadoop and Druid, which are popular with many users. To do this, the attackers exploit existing misconfigurations and vulnerabilities. The active campaign uses a new variant of a well-known DDoS botnet focused on vulnerable Linux systems. The malware is known as “Lucifer” and, once compromised, uses infected Apache servers to mine the cryptocurrency Monero. The cybercriminals behind Lucifer focus on the Apache libraries Hadoop and Druid, which are very popular with developers, and...