Lucifer malware emerged a couple of months ago as a typical Windows malware. However, it has now returned with even more power. Researchers have found the new Lucifer malware variants capable to target Linux systems.
Reportedly, researchers from NETSCOUT have found new variants of Lucifer malware that can target Linux devices. Sharing the details in a blog post, the researcher revealed that the new Lucifer strains exhibit more malicious functionalities.
While the Windows Lucifer versions limited themselves to cryptomining, the new ones can even steal credentials. For this, Lucifer leverages MIMIKATZ. This capability is in addition to the cryptomining and DDoS capabilities that resemble the Windows version.
Besides MIMIKATZ, the Linux version of Lucifer also supports TCP, UCP, ICMP, and HTTP-based DDoS attacks.
In brief, they discovered the new Linux Lucifer version while looking for additional samples. They found numerous similarities between the Linux and Windows versions. For instance, the same welcome message, use of the same C&C server, and same DDoS functionalities.
However, the Linux version is more advanced in terms of the DDoS attacks it can conduct. As stated by the researchers,