Unit 42, a research team at Palo Alto Networks, has identified a new malware campaign, Lucifer, that is capable of cryptojacking and distributed denial-of-service (DDoS) attacks. The hybrid malware was detected exploiting vulnerabilities in Laravel Framework 5.7.x.
The hackers have also spread an updated version of the malware with anti-sandbox capability, and they employ credential brute-forcing techniques. Lucifer scans for weak credentials to gain unauthorized entry and scans for open TCP ports 1433 (MSSQL) and 135.