Cyble researchers have uncovered a sophisticated Linux botnet called “Luno,” designed for cryptocurrency mining, DDoS attacks, and remote command execution, with active long-term monetization strategies. This malware employs advanced evasion techniques and targets resource-constrained systems, posing a significant threat to Linux servers and gaming platforms. #Luno #DDoS #LinuxBotnet #CryptocurrencyMining
Key points
- The “Luno” botnet features process masquerading, binary replacement, and self-updating capabilities, indicating professional threat actor involvement.
- The malware is sold on Telegram for DDoS services targeting gaming servers, including Roblox, Minecraft, and Valve.
- It specifically targets embedded Linux systems using the default ash shell for resource-efficient cryptocurrency mining.
- Advanced DDoS modules include floods with randomized packet sizes and referrer spoofing to evade detection.
- Defenders should consider LunoC2 a long-term threat due to its resilience, modularity, and operational sophistication.
Read More: https://thecyberexpress.com/linux-botnet-combines-cryptomining-and-ddos/