Subscribe

Attackers Infiltrates AWS Lambda Services With Denonia Malware

Attackers were able to exploit and infiltrate AWS Lambda services using Denonia malware.

AWS Lambda is a server-less computing service provided by Amazon Web Services that allows code execution without server deployment or management.

While the process of compromise remains unknown, information about Denonia state that the malware uses the DNS protocol to encrypt DNS requests as HTTPS traffic.

This allows the malware to bypass detection and communicate in environments where DNS queries are blocked or unauthorized.

Once running, Denonia launches XMRig, a software to extract the cryptocurrency Monero. The malware then communicates with the IP address obtained from the DNS query on port 3333, a Monero mine pool.

While the investigation of the malware is still ongoing, there are now security tips for organizations. AWS customers need to keep AWS account information secure and not share it. Organizations are also recommended to activate multifactor authentication for each account.

Organizations should only use SSL/TLS (1.2 or later) protocols to communicate with AWS resources and API, and user activity should be enabled with AWS CloudTrail.

Businesses must ensure that all hardware used to access AWS Lambda is always up to date. In addition, the operating system should be patched to reduce the risk of infection by malware while working with AWS.

The sources for this piece include an article in TechRepublic.

Top Stories

Toyota confirms leak of 240GB of sensitive data in recent hack

Former Google CEO Eric Schmidt makes controversial comments

Study finds 94% of spreadsheets have critical errrors

Study says 94% of spreadsheets contain critical errors

Elon Musk claims DDoS attack caused issues in live-streamed interview with Trump – experts are skeptical

Google anti-trust ruling a financial disaster for Firefox

Related Articles

Europe Seeks Alternatives to U.S. Cloud Providers Amid Sovereignty Concerns

March 26, 2025 European nations and companies are actively pursuing alternatives to U.S.-based cloud service providers, driven by concerns over data more...

Google Confirms Data Deletion Error in Drive and Photos

March 23, 2025 Google has admitted to a technical error that caused some users’ files to be accidentally and permanently deleted more...

AWS claims its competition is “repatriation” with customers returning to on-premises infrastructure

September 18, 2024 In a surprising turn of events, cloud giant Amazon Web Services (AWS) is now claiming that it faces more...

Target’s new AI is aimed at employees

June 20, 2024 Target is introducing a new generative artificial intelligence tool aimed at enhancing the efficiency of its store employees more...

Jim Love

Jim Is and author and pud cast host with over 40 years in technology.

Share:
X/Twitter
Linkedin
Blue Sky
Tech News Day is a daily publication featuring key news stories about technology and how it affects businesses.

Follow Us

X-twitter Linkedin-in

Popular categories

Tech News Delivered

New, Relevant Tech Stories. Our selection is done by industry professionals – executives like you who pick the top stories for that day. Our writers summarize them to give you the key takeaways.
Subscribe
© 2025 TECHNEWSDAY. All rights reserved.