Skip to main content
Customer Support Customer Support

Denonia cryptominer is first malware to target AWS Lambda

Jasper_The_Rasper
Moderator
Forum|alt.badge.img+54

 

April 11,  2022  By Jovi Umawing

 

Security researchers at Cado Security, a cybersecurity forensics company, recently discovered the first publicly-known malware targeting Lambda, the serverless computing platform of Amazon Web Services (AWS).

Though Lambda has been around for less than ten years, serverless technology is considered relatively young, according to Matt Muir, one of Cado’s researchers. Because of this, security measures for such a technology is often overlooked.

This lack of oversight has now bore fruit.

The malware in question, dubbed “Denonia,” is a cryptominer, which is software that allows the mining of cryptocurrency on computers and servers. The malware’s name is inspired by the domain the threat actors behind the cryptominer communicate with.

A cryptominer may not be among the ranks of ransomware, worms, and general Trojans. Still, the possibility of them taking advantage of Lambda is already here; a Pandora’s Box that can no longer be sealed.

 

>> Full Article <<

    2 replies

    MajorHavoc
    Bronze VIP
    Forum|alt.badge.img+25
    • MajorHavoc
    • Bronze VIP
    • 1282 replies
    • April 11, 2022

    I have never really looked at Lambda before. But the idea of running code on a platform that you have no idea what ran before you seems like a LOT could go wrong.  Need to watch this space, seems like a prime place for hackers. Thanks for the article. 

    - Owen Rubin,  Apple Expert. Worked in Vision Pro team and early Mac HW and OS engineer at Apple. Machines: 2017 iMac Pro 27" 5K 3GHz 10-Core Xenon Sonoma 14.x. 2023 14" MacBookPro M2 Max Ventura 13.x, 2018 16" MacBookPro Ventura 13.x, and a dozen or so older machines for testing. iPhone 14 Pro, iPhone 13 Pro, iPhone 6.
    Jasper_The_Rasper
    MajorHavoc
    kleinmat4103
    3 people like this
    • Jasper_The_Rasper
      Jasper_The_Rasper
    • MajorHavoc
      MajorHavoc
    • kleinmat4103
      kleinmat4103
    kleinmat4103
    Popular Voice
    Forum|alt.badge.img+6
    • kleinmat4103
    • Popular Voice
    • 512 replies
    • April 21, 2022

    Oh boy. How long until we start to see breaches in AWS and Azure as more and more people move their servers to the cloud? How do we ensure security when putting critical infrastructure in environments outside our control?

    MajorHavoc
    1 person likes this
    • MajorHavoc
      MajorHavoc

    Reply


    Terms & Conditions