You are now subscribed
Your newsletter sign-up was successful
Want to add more newsletters?
Every Friday
GamesRadar+
Your weekly update on everything you could ever want to know about the games you already love, games we know you're going to love in the near future, and tales from the communities that surround them.
Every Thursday
GTA 6 O'clock
Our special GTA 6 newsletter, with breaking news, insider info, and rumor analysis from the award-winning GTA 6 O'clock experts.
Every Friday
Knowledge
From the creators of Edge: A weekly videogame industry newsletter with analysis from expert writers, guidance from professionals, and insight into what's on the horizon.
Every Thursday
The Setup
Hardware nerds unite, sign up to our free tech newsletter for a weekly digest of the hottest new tech, the latest gadgets on the test bench, and much more.
Every Wednesday
Switch 2 Spotlight
Sign up to our new Switch 2 newsletter, where we bring you the latest talking points on Nintendo's new console each week, bring you up to date on the news, and recommend what games to play.
Every Saturday
The Watchlist
Subscribe for a weekly digest of the movie and TV news that matters, direct to your inbox. From first-look trailers, interviews, reviews and explainers, we've got you covered.
Once a month
SFX
Get sneak previews, exclusive competitions and details of special events each month!
During the Great GPU Shortage of Yesteryear, cryptocurrency mining was all the rage. This also gave way to a class of 'cryptojacking' malware that would attempt to pilfer computing resources from an infected PC and use them to most often mine Monero. That has not been a big concern in a long while. However, security researchers at Unit 42 have discovered a new self-propagating malware strain that is a variant of old cryptojacking code.
The researchers have dubbed it "Lucifer," noting that the malware's author(s) named it "Satan DDoS," which some people might confuse with the similarly named "Satan Ransomware."
No matter what you want to call it, the researchers say it is "quite powerful in its capabilities," which extend beyond unauthorized cryptocurrency mining. It can also facilitate distributed denial of service (DDoS) attacks and spread through computer networks using a range of exploits that were developed by and stolen from the US National Security Agency (like EternalBlue).
Attacks have come in waves. The first one ended on June 10, 2020, but then a second wave kicked off the next day with an upgraded version that is "wreaking havoc." This second campaign is ongoing.
"While the vulnerabilities abused and attack tactics leveraged by this malware are nothing original, they once again deliver a message to all organizations, reminding them why it’s utterly important to keep systems up-to-date whenever possible, eliminate weak credentials, and have a layer of defenses for assurance," the researchers say.
The best line of defense against Lucifer is to ensure that Windows is fully patched with the latest updates. And the second line of defense is to use a strong password for your Windows login (and any account, really). That's because Lucifer attempts to brute-force its way into Windows systems, meaning it bombards PCs with commonly used login usernames (like administrator) and passwords (like 123123).
