
Microsoft warns customers of new crypto mining malware targeting Windows, Linux systems


New Delhi: Microsoft has warned customers about a new crypto mining malware called 'LemonDuck' that is targeting Windows and Linux systems and spreading via phishing emails, exploits, USB devices and brute-force attacks in various countries, including India.

"LemonDuck's threat to enterprises is also in the fact that it's a cross-platform threat. It's one of a few documented bot malware families that targets Linux systems as well as Windows devices," warned the Microsoft 365 Defender Threat Intelligence Team.

The malware can quickly take advantage of news, events, or the release of new exploits to run effective campaigns.

"For example, in 2020, it was observed using Covid-19-themed lures in email attacks. In 2021, it exploited newly patched Exchange Server vulnerabilities to gain access to outdated systems," Microsoft informed.

This threat, however, does not just limit itself to new or popular vulnerabilities. It continues to use older vulnerabilities, which benefit the attackers at times when focus shifts to patching a popular vulnerability rather than investigating compromise.

"Notably, LemonDuck removes other attackers from a compromised device by getting rid of competing malware and preventing any new infections by patching the same vulnerabilities it used to gain access," said the company.

"Once inside a system with an Outlook mailbox, as part of its normal exploitation behaviour, LemonDuck attempts to run a script that utilises the credentials present on the device," the Microsoft team said.

"This means that email security policies that reduce scanning or coverage for internal mail need to be re-evaluated, as sending emails through contact scraping is very effective at bypassing email controls," the company suggested.

Meanwhile, US Secretary of State Antony Blinken said that the US and its allies had "formally confirmed" that China's Ministry of State Security (MSS) used the vulnerabilities in the Microsoft Exchange Server "in a massive cyber espionage operation that indiscriminately compromised thousands of computers and networks, mostly belonging to private sector victims."
