At a glance.
- Denonia malware hits AWS Lambda.
- Tax season identity theft.
- Reaction to the Cash App breach.
- Update on the Mailchimp incident.
New malware targets AWS Lambda.
The researchers at Cado Security announced yesterday they’ve discovered a new malware, dubbed Denonia, developed to specifically target Amazon Web Service (AWS) Lambda environments. Denonia appears to be the first malware specifically targeting Lambda, which is described by AWS as a “serverless, event-driven compute service that lets you run code for virtually any type of application or backend service without provisioning or managing servers.” SecurityWeek notes that while AWS is responsible for securing the underlying Lambda execution environment, customers must take extra action to secure the service’s functions, and failure to do so makes Lambda vulnerable to attack.
Denonia is currently being used for cryptocurrency mining, specifically of Monero (XMR), using a custom version of the popular XMRig mining software, but researchers are uncertain about how exactly the malware is being deployed. Cado explained, “It may simply be a matter of compromising AWS Access and Secret Keys then manually deploying into compromised Lambda environments, as we’ve seen before with more simple Python scripts.” Computer Weekly adds that Denonia is coded in the Go programming language, increasingly popular with malware developers due to the fact that it’s difficult for whitehats to analyze. Though Denonia is…
