SIITF
SNA

HOME
NEWS

New crypto malware targeting Windows, Linux systems: Microsoft

New crypto malware targeting Windows, Linux systems: Microsoft

Microsoft has warned customers about a new crypto mining malware that can steal credentials, remove security controls, spread via emails and ultimately drop more tools for human-operated activity.

 

Named as 'LemonDuck', the crypto mining malware is targeting Windows and Linux systems, spreading via phishing emails, exploits, USB devices and brute force attacks in various countries, including India.

 

The malware can quickly take advantage of news, events, or the release of new exploits to run effective campaigns. "LemonDuck's threat to enterprises is also the fact that it's a cross-platform threat.

 

In 2021, it exploited newly patched Exchange Server vulnerabilities to gain access to outdated systems," Microsoft informed. This threat, however, does not just limit itself to new or popular vulnerabilities.

 

It continues to use older vulnerabilities, which benefit the attackers at times when focus shifts to patching a popular vulnerability rather than investigating compromise.

 

LemonDuck targeted China heavily, but its operations have since expanded to include many other countries - the US, India, Russia, China, Germany, the UK, Korea, Canada, France, and Vietnam. Once inside a system with an Outlook mailbox, as part of its normal exploitation behaviour, LemonDuck attempts to run a script that utilises the credentials present on the device," the Microsoft team said.

 

The script instructs the mailbox to send copies of a phishing message with preset messages and attachments to all contacts. This means that email security policies that reduce scanning or coverage for internal mail need to be re-evaluated, as sending emails through contact scraping is very effective at bypassing email controls," the company suggested.

 

Last Monday, US President Joe Biden's administration finally came out publicly against China's involvement in cybercrimes, accusing it of running a massive global operation of "state-sponsored activities" causing billions of dollars of losses to victims.

See What’s Next in Tech With the Fast Forward Newsletter

SECURITY
View All
FortiGuard Labs forecasts Generative AI and CaaS operations to facilitate cyberattacks
Technology

FortiGuard Labs forecasts Generative AI and CaaS operations to facilitate cyberattacks

by VARINDIA 2023-11-29
77% Organizations Fall Victim to Repeated Cyberattacks: Trellix
Technology

77% Organizations Fall Victim to Repeated Cyberattacks: Trellix

by VARINDIA 2023-11-28
Trellix Detects Collaboration by Cybercriminals and Nation-States
Technology

Trellix Detects Collaboration by Cybercriminals and Nation-States

by VARINDIA 2023-11-23
SOFTWARE
View All
SiMa.ai and Supermicro announce Partnership to boost Power Efficient ML
Technology

SiMa.ai and Supermicro announce Partnership to boost Power Efficient ML

by VARINDIA 2023-12-04
HPE boosts business transformation with new AI-native architecture and hybrid cloud solutions
Technology

HPE boosts business transformation with new AI-native architecture and hybrid cloud solutions

by VARINDIA 2023-12-01
Kyndryl extends partnership with AWS to accelerate mainframe application modernization for Customers
Technology

Kyndryl extends partnership with AWS to accelerate mainframe application modernization for Customers

by VARINDIA 2023-12-01
START - UP
View All
ONDC along with Google Cloud India and others brings in ‘Build for Bharat’ nationwide initiative
Technology

ONDC along with Google Cloud India and others brings in ‘Build for Bharat’ nationwide initiative

by VARINDIA 2023-12-04
NeevCloud launches the country’s first Made in India AI SuperCloud
Technology

NeevCloud launches the country’s first Made in India AI SuperCloud

by VARINDIA 2023-11-23
ZEE & nasscom forge partnership to support Generative AI Startups
Technology

ZEE & nasscom forge partnership to support Generative AI Startups

by VARINDIA 2023-11-23

Tweets From @varindiamag

CIO - SPEAK
Automation has the potential to greatly improve efficiency and production

Automation has the potential to greatly improve efficiency and production

by VARINDIA
Various approaches are followed to enhance efficiency, productivity, and cost-effectiveness

Various approaches are followed to enhance efficiency, productivity, and cost-effectiveness

by VARINDIA
Technology can be leveraged in several ways to boost efficiency, productivity and reduce cost

Technology can be leveraged in several ways to boost efficiency, productivity and reduce cost

by VARINDIA
Start-Up and Unicorn Ecosystem
Mystifly to transform travel technology with Google Cloud

Mystifly to transform travel technology with Google Cloud

by VARINDIA
Affle strengthens its global tech IP portfolio with 15 patents

Affle strengthens its global tech IP portfolio with 15 patents

by VARINDIA
Noventiq rolls out Weaver Peer, a knowledge-based AI assistant

Noventiq rolls out Weaver Peer, a knowledge-based AI assistant

by VARINDIA
Oracle supports healthcare organizations with new capabilities

Oracle supports healthcare organizations with new capabilities

by VARINDIA
NetApp renews its partnership with Microsoft

NetApp renews its partnership with Microsoft

by VARINDIA
Varonis expands its Generative AI capabilities with launch of Athena AI

Varonis expands its Generative AI capabilities with launch of Athena AI

by VARINDIA
Mika named as the world's first robot CEO

Mika named as the world's first robot CEO

by VARINDIA
Technicolor Creative Studios integrates Dell infrastructure solutions for IT transformation

Technicolor Creative Studios integrates Dell infrastructure solutions for IT transformation

by VARINDIA
Katonic AI and Mindfields Global Join Forces to Integrate Automation with GenAI

Katonic AI and Mindfields Global Join Forces to Integrate Automation with GenAI

by VARINDIA
Spirent and Cadence partner to offer advanced chipset testing

Spirent and Cadence partner to offer advanced chipset testing

by VARINDIA