Microsoft security researchers have warned customers about the LemonDuck crypto-mining malware, which attacks Windows and Linux systems and spreads via phishing emails, USB devices, brute-force attacks, and bugs in on-premises Exchange Server.
The group behind the malware was using Exchange vulnerabilities exposed in March to mine for cryptocurrency in May, two years after its emergence.
The Microsoft 365 Defender Threat Intelligence Team said, "[LemonDuck] continues to use older vulnerabilities, which benefit the attackers at times when focus shifts to patching a popular vulnerability rather than investigating compromise. Notably, LemonDuck removes other attackers from a compromised device by getting rid of competing malware and preventing any new infections by patching the same vulnerabilities it used to gain access."
Abstracts Copyright © 2021 SmithBucklin, Washington, DC, USA