Security researchers have discovered the first malware specifically developed to target Amazon Web Services (AWS) Lambda cloud environments with cryptominers.
AWS Lambda is a serverless computing platform for running code from hundreds of AWS services and software as a service (SaaS) apps without managing servers.
The new malware, dubbed Denonia by Cado Security researchers who spotted it being used in limited attacks, is a Go-based wrapper designed to deploy a custom XMRig cryptominer to mine for Monero cryptocurrency.
The sample they found was a 64-bit ELF executable targeting x86-64 systems uploaded to VirusTotal in February. They later discovered a
second sample uploaded a month earlier, in January, hinting at these attacks spanning at least a couple of months.