A new malware is targeting Windows and Linux operating systems and using their computing resources for cryptocurrency mining. The malware, named LemonDuck, is spreading rapidly across platforms to increase its attack capacity. This rapidly evolving malware has been highlighted in a recent Microsoft blog post.
According to the post, LemonDuck is an “actively updated and robust malware” that is primarily known for its botnet and cryptocurrency mining activities. Once in the system, LemonDuck is able to install cryptocurrency mining tools on it, which illicitly drain its processing power to mine cryptocurrencies.
This malware has evolved to steal users' login credentials, bypass security controls and spread rapidly through a system. It can infect both Linux and Windows devices. Overall, this makes it more dangerous than other malware. For this reason, Microsoft describes it as a serious threat to enterprise setups, where the two operating systems typically work in tandem.
In addition to new or popular vulnerabilities, LemonDuck also targets old vulnerabilities in these systems. This means that the attacker will be able to successfully get the malware onto these systems.
How dangerous is this malware
Once it infects the system, the malware removes the vulnerabilities it used to gain access. This means that LemonDuck is able to prevent infection of its target system from any other source. It also removes any other existing malware from the device. In this way, the attacker gains firm control over the infected device.
LemonDuck uses multiple channels to reach a new target. It can spread through phishing emails, exploits, USB devices, and other means. Microsoft has also identified instances in which criminals were spreading the malware through Covid-19 themed email attacks.
LemonDuck first seen in China
LemonDuck was first seen operating in China in May 2019. Since then, it has spread most actively to several countries, including the US, Russia, China, Germany, the United Kingdom, India, Korea, Canada, France and Vietnam. The malware primarily affects enterprises in the manufacturing and IoT sectors, where there are usually multiple computers.
How to avoid it
Stopping such attacks requires a comprehensive investigation. Microsoft claims to stop this malware through its Microsoft 365 Defender. Check Point also makes the same claim. If you want to avoid this type of attack, follow basic online security practices: use applications only from trusted sources and do not fall for phishing emails.