Go Ad-Free
    My Alerts
    Moneycontrol
    Moneycontrol PRO
    HomeNewsTechnologyLemonDuck and LemonCat have evolved beyond just being coin miners

    LemonDuck and LemonCat have evolved beyond just being coin miners

    The malware that started as cryptocurrency miners are now more dangerous than ever

    Moneycontrol News
    July 24, 2021 / 14:00 IST
    The malware that started as cryptocurrency miners are now more dangerous than ever
    -
    • -
    • -
    • Volume: -
    Open Trading A/c
    -
    0 (0%)
    Todays L/H
    0
    0

    What started out as annoying cryptocurrency coin miners have now evolved into something far more dangerous. LemonDuck and LemonCat have moved beyond their mining botnet origins into something far more sinister.

    Today, LemonDuck is an actively updated malware that mines coins but also steals your credentials. It can remove security protocols and weakens your pc, making it ripe for potential threat actors to take control off.

    "It uses a wide range of spreading mechanisms—phishing emails, exploits, USB devices, brute force, among others—and it has shown that it can quickly take advantage of news, events, or the release of new exploits to run effective campaigns," says Microsoft's 365 Defender Threat Intelligence Team.

    "For example, in 2020, it was observed using COVID-19-themed lures in email attacks. In 2021, it exploited newly patched Exchange Server vulnerabilities to gain access to outdated systems," the team added.

    What makes LemonDuck more dangerous is that it has spread worldwide. According to Microsoft's report, United States, Russia, China, Germany, UK, India, Korea, Canada, France and Vietnam have known reported cases of LemonDuck infestation.

    The threat is also cross-platform and is constantly evolving thanks to active updates. Microsoft says that primary spread of LemonDuck and LemonCat are through phishing mails with subjects such as, "The Truth of COVID-19, COID-19 nCov Special info WHO, HALTH ADVISORY: CORONA VIRUS, WTF, What the fcuk, good bye, farewell letter, broken file, this is your order."

    These mails usually have an attachment and contain email body content that is designed to make you download the file, a few examples that Microsoft gave are, "Virus actually comes from United States of America, what's wrong with you? are you out of your mind!!! and file is brokened, i can't open it."

    If you ever see one of these mails in your inbox, don't open them and delete them.

    Invite your friends and family to sign up for MC Tech 3, our daily newsletter that breaks down the biggest tech and startup stories of the day

    Moneycontrol News
    first published: Jul 24, 2021 01:15 pm

    Discover the latest Business News, Sensex, and Nifty updates. Obtain Personal Finance insights, tax queries, and expert opinions on Moneycontrol or download the Moneycontrol App to stay updated!

    Advertisement
    Remove Ad

    Crypto Basket
    Powered By Mudrex

    Bitcoin
    Current Price ₹ 7,978,322.14 1D returns -1.21%
    Buy Now
    Ethereum
    Current Price ₹ 270,069.22 1D returns -2.04%
    Buy Now
    BNB
    Current Price ₹ 77,068.64 1D returns -1.43%
    Buy Now
    Ripple
    Current Price ₹ 170.53 1D returns -1.70%
    Buy Now
    USD Coin
    Current Price ₹ 91.16 1D returns -0.01%
    Buy Now
    Solana
    Current Price ₹ 11,289.18 1D returns -2.00%
    Buy Now
    BTC 50 :: ETH 50
    1W returns0.92%
    Invest Now
    Crypto Blue Chip - 5
    1W returns0.03%
    Invest Now
    Smart Contract Tracker
    1W returns-0.24%
    Invest Now
    DeFi Tracker
    1W returns-1.39%
    Invest Now
    Web3 Tracker
    1W returns-2.93%
    Invest Now
    AI Tracker
    1W returns-4.84%
    Invest Now
    NFT & Metaverse Tracker
    1W returns-5.21%
    Invest Now
    Show More Show More

    Subscribe to Tech Newsletters

    • On Saturdays

      Find the best of Al News in one place, specially curated for you every weekend.

    • Daily-Weekdays

      Stay on top of the latest tech trends and biggest startup news.

    Advisory Alert: It has come to our attention that certain individuals are representing themselves as affiliates of Moneycontrol and soliciting funds on the false promise of assured returns on their investments. We wish to reiterate that Moneycontrol does not solicit funds from investors and neither does it promise any assured returns. In case you are approached by anyone making such claims, please write to us at grievanceofficer@nw18.com or call on 02268882347