New crypto malware targeting Windows, Linux systems: Microsoft
Named as 'LemonDuck', the crypto mining malware is targeting Windows and Linux systems, spreading via phishing emails, exploits, USB devices and brute force attacks in various countries, including India.
The malware can quickly take advantage of news, events, or the release of new exploits to run effective campaigns. "LemonDuck's threat to enterprises is also the fact that it's a cross-platform threat.
In 2021, it exploited newly patched Exchange Server vulnerabilities to gain access to outdated systems," Microsoft informed. This threat, however, does not just limit itself to new or popular vulnerabilities.
It continues to use older vulnerabilities, which benefit the attackers at times when focus shifts to patching a popular vulnerability rather than investigating compromise.
LemonDuck targeted China heavily, but its operations have since expanded to include many other countries - the US, India, Russia, China, Germany, the UK, Korea, Canada, France, and Vietnam. Once inside a system with an Outlook mailbox, as part of its normal exploitation behaviour, LemonDuck attempts to run a script that utilises the credentials present on the device," the Microsoft team said.
The script instructs the mailbox to send copies of a phishing message with preset messages and attachments to all contacts. This means that email security policies that reduce scanning or coverage for internal mail need to be re-evaluated, as sending emails through contact scraping is very effective at bypassing email controls," the company suggested.
Last Monday, US President Joe Biden's administration finally came out publicly against China's involvement in cybercrimes, accusing it of running a massive global operation of "state-sponsored activities" causing billions of dollars of losses to victims.
Zoho One announces new apps, services and platform enhancements
Zoho Corporation has introduced six new apps, three new services and seven major platform...
Happiest Minds included in Now Tech: Robotic Process Automation Services analyst report
Happiest Minds Technologies Limited (NSE: HAPPSTMNDS), a ‘Born Digital. Born Agile&r...
Asia-Pacific Women leaders power up for 4th annual Women to held from November 1-5
Hundreds of ambitious women in business will gather virtually at the fourth annual Wo...
India Pavilion at Expo 2020 Dubai to host ‘Space Week’ starting 17th Oct
The India Pavilion at Expo 2020 Dubai today announced the agenda for the upcoming Space We...
FOCUS BANGALORE and NSIC organises virtual conference
FOCUS BANGALORE( Forum of Critical Utility Services) and NSIC ( National Small Industries...