Express Computer

New Cryptominer Malware ‘Golang’ Observed By Barracuda Networks

  • The malware targeting both Windows and Linux machines attacks web application frameworks, application servers, and non-HTTP services such as Redis and MSSQL.
  • Only seven IP addresses, all based in China, are linked to the malware variant so far.
  • The malware focuses on attacking servers instead of targeting end-users.


Barracuda Networks, a trusted partner and leading provider of cloud-enabled security solutions, has highlighted the threat landscape for the month of June 2020. The company's researchers have identified a new variant of the cryptominer malware ‘Golang’ targeting both Windows and Linux machines. The new variant aims to mine the Monero cryptocurrency using a known miner, XMRig.

The volume is still low: Barracuda researchers have identified only seven IP addresses linked to this new malware variant so far, all based out of China. They have also noticed that the Golang malware focuses on attacking web application frameworks, application servers, and non-HTTP services such as Redis and MSSQL, instead of targeting end-users.

Although previous variants of the malware targeted only Linux machines, the Golang variant also attacks Windows machines, using a new pool of exploits for targets such as Oracle WebLogic, Elasticsearch, Drupal, Hadoop and IoT devices. For example, some of the exploits the malware includes target the ThinkPHP web application framework, which is popular in China. As with other malware families, it is safe to assume that this malware will keep evolving, employing more and more exploits.

Once the Golang malware infects a machine, it downloads files such as an init/update script, a miner, a watchdog, a scanner, and a config file for the cryptominer, depending on the platform it is attacking. On Windows machines, the malware also adds a backdoor user.

Speaking on the threat highlight, Fleming Shi, CTO at Barracuda Networks, commented, “Malicious actors are once again turning to Golang as a malware language since it is not commonly tracked by antivirus software. As it targets vulnerable servers, it is still a top threat vector that cybercriminals look to exploit. However, we can defend organisations against this malware by monitoring the endpoints for suspicious activity as well as the surge in CPU usage, which is associated with most cryptominers. The threat of any future cryptojacking attack can be minimized by setting up vigorous, regularly tested incident response plans.”

Here are a few important steps that can be followed to protect servers against this malware variant:

  • Many organisations tend to overlook application security. Because the new Golang malware spreads by scanning the internet for vulnerable machines, they need a web application firewall in place and properly configured.
  • As cybercriminals are always scanning for vulnerabilities to exploit, businesses should stay up to date with security patches and updates to stay ahead of these threats.
  • Being aware of how this malware variant works can help organisations monitor their Windows and Linux servers for this type of malicious activity and take quick action. For that, they should have a solution in place and a trained security team to identify the warning signs.
