Attackers Infiltrates AWS Lambda Services With Denonia Malware

Share post:

Attackers were able to exploit and infiltrate AWS Lambda services using Denonia malware.

AWS Lambda is a server-less computing service provided by Amazon Web Services that allows code execution without server deployment or management.

While the process of compromise remains unknown, information about Denonia state that the malware uses the DNS protocol to encrypt DNS requests as HTTPS traffic.

This allows the malware to bypass detection and communicate in environments where DNS queries are blocked or unauthorized.

Once running, Denonia launches XMRig, a software to extract the cryptocurrency Monero. The malware then communicates with the IP address obtained from the DNS query on port 3333, a Monero mine pool.

While the investigation of the malware is still ongoing, there are now security tips for organizations. AWS customers need to keep AWS account information secure and not share it. Organizations are also recommended to activate multifactor authentication for each account.

Organizations should only use SSL/TLS (1.2 or later) protocols to communicate with AWS resources and API, and user activity should be enabled with AWS CloudTrail.

Businesses must ensure that all hardware used to access AWS Lambda is always up to date. In addition, the operating system should be patched to reduce the risk of infection by malware while working with AWS.

The sources for this piece include an article in TechRepublic.



Related articles

AI chatbots used for X-rated activity draws scrutiny

Following scrutiny from authorities and other people involved, Replika, an app that uses AI technology similar to OpenAI's...

Stanford researchers makes budget friendly ChatGPT AI

Stanford researchers fine-tuned a seven-billion-parameter variant of Meta's recently announced LLaMA model using 52,000 instruction-following demonstrations generated by...

Microsoft launches AI-powered Copilot

Microsoft has introduced a new AI-powered Copilot for its Microsoft 365 apps and services. The AI-powered Copilot is...

Apple experiments with language-generating AI

Apple discussed AI and large language models at a recent internal event, revealing its experiments with language-generating artificial...

Become a member

New, Relevant Tech Stories. Our article selection is done by industry professionals. Our writers summarize them to give you the key takeaways