A couple of weeks back, a security researcher who goes by the alias MalwareMustDie announced that he had discovered what he claimed to be the first ever Linux Malware written in the Lua language.
Upon reverse analysis of the malware, commonly known as LuaBot, he found it was designed primarily to target Internet of Things architectures. In addition, LuaBot also had a mysterious function that seemed to infiltrate through DDoS protection provided by US-based web security vendor Sucuri.
The source code of the malware also contained a hidden message that read: “Hi. Happy reversing, you can mail me: [REDACTED.ru email address].”
Following LuaBot’s discovery, a French security researcher that goes by the pseudonym x0rz contacted its author asking a few questions.
During the conversation with x0rz, the malware’s creator said that neither he was working for any info security company, no was he a cyber-thug affiliated to any hackers collective. He also claimed to be a “nobody”, adding that the malware was not harmful and it didn’t even steal the login credentials of affected routers.
Apparently, he had been working on LuaBot for years. Initially, it was only fun, he said, but later it started drawing profits. He didn’t clarify what kind of activities was he profiting for, but the hacker vows he was not messing around with any bank or government organizations.
You can read the full interview here.