Microsoft Windows users warned of the LemonDuck malware threat; how to stay safe
Microsoft Windows and Linux users are under immediate threat from the LemonDuck malware. This specific threat shows how malware has evolved over the years: from infecting malfunctioning devices, to stealing private and personal data and demanding a ransom, and now to attackers making money in the form of cryptocurrencies from their victims. Microsoft has warned users that this well-known cross-platform malware, which runs cryptocurrency mining software on victims' computers, is now increasing its operations.
Increased Threat Perception: Microsoft recently detailed the LemonDuck malware and its nefarious designs in a post on its Microsoft Security blog from the Microsoft 365 Defender Threat Intelligence team. The malware is capable of infecting Windows and Linux systems and can spread very quickly through any network to other computers. It can also enable further attacks that steal user credentials or even install ransomware and other threats.
About Malware: According to Microsoft, the malware has been around for the past two years and has evolved and become even more resilient. The malware can also destroy other malware on the system. Microsoft says the malware also prevents new infections by "patching" the same vulnerabilities it used to gain access. A cryptocurrency miner is software used to earn decentralized digital currency (like Bitcoin) by solving a computational problem; running that software on millions of computers could be quite profitable for hackers.
What users must be aware of about LemonDuck malware: "Today, beyond using resources for its traditional bot and mining activities, LemonDuck steals credentials, removes security controls, spreads via emails, moves laterally, and ultimately drops more tools for human-operated activity," Microsoft explained in the blog, adding that countries like the United States, Russia, China, Germany, the United Kingdom, India, Korea, Canada, France, and Vietnam have seen the most infections so far.
New Malware on the Rise: Microsoft also details a second malware variant, which it has dubbed LemonCat, that can be used for more dangerous purposes. LemonCat could have emerged earlier this year, which means it is a relatively new attack infrastructure. However, Microsoft says it could have been used to target Microsoft Exchange Server, which could have led to backdoor installation, credential theft, and even malware delivery.
How to stay safe from LemonDuck malware: For users to be safe and protected against this malware, they should ensure that their antivirus software (usually Microsoft Defender) is always up to date. They should also be careful about installing software from sources outside of the Microsoft Store or opening attachments from unknown senders, as these are common sources of infection for malware such as the LemonDuck malware.