Security experts have identified a new malware targeting Windows systems with crypto-jacking and DDoS attacks, named Lucifer for its devilish features. Lucifer is a self-propagating malware, and initially bombards PCs in hopes of taking advantage of vulnerabilities. The malware capitalizes on lists of unpatched vulnerabilities to obtain a foothold in their targets’ systems.
The malware variant also leverages old vulnerabilities to spread and perform malicious activities on Windows devices. Security experts advise Windows users to apply updates and patches to the affected software as soon as possible. Vulnerabilities targeted include Rejetto HTTP File Server, Oracle Weblogic, ThinkPHP RCE, Apache Struts, Laravel Framework, and Microsoft Windows CVE-2017-0144, CVE-2017-0145, and CVE-2017-8464.