A new malware called “LemonDuck” is affecting Windows and the Linux system. The users of both the system are under threat of this malware. Microsoft has warned the users that the malware is running cryptocurrency mining software on the computer.
LemonDuck malware has evolved from a cryptocurrency botnet to a dangerous malware that can steal the user’s important data, can remove security controls and spread it via emails, and more.
Microsoft Warns Windows & Linux Users for LemonDuck Malware
Malware is a code that can cause unwanted changes to your system. It can steal credentials, spreads via emails, moves laterally, and more.
According to Microsoft, the LemonDuck malware is a cross-platform threat that targets both Windows and Linux-based machines. However, it can remove other malware from the device as it doesn’t want any other competition.
The countries like Russia, China, Germany, Canada, France, India, Korea, the United States, the United Kingdom, and Vietnam are the most infected countries.
Microsoft explained in a blog post,
“Today, beyond using resources for its traditional bot and mining activities, LemonDuck steals credentials, removes security controls, spreads via emails, moves laterally, and ultimately drops more tools for human-operated activity”.
To stay safe from this malware, the users should make sure that the antivirus software Microsoft 365 Defender is the latest version. The users must be aware while installing software from unofficial sources or opening attachments from unknown senders. These are the common reasons of getting infected by malware like LemonDuck.
The LemonDuck malware was first spotted in China in 2019. Later in 2020, it started email attacks by adopting COVID-19 themed lures. Microsoft says the malware can stop any new infections by patching the same vulnerabilities that are used to gain access.
It is a cryptocurrency miner software that is used to earn decentralized digital currency like Bitcoin by solving problems.