LemonDuck is back
Security company Check Point is currently monitoring the activities of an old acquaintance: the crypto mining malware LemonDuck. It is no longer a threat only to Windows devices; after updates, it can now also infect Linux systems. The malware's aim is to integrate infected computers into a botnet and use their resources for crypto mining. Although the current variant differs from previous iterations, it still uses similar methods to manage and host the botnet's infrastructure, as Microsoft reports.
Christine Schönig, Regional Director Security Engineering CER, Office of the CTO, at Check Point Software Technologies GmbH, on the rising attacks with LemonDuck: “The return of the LemonDuck malware reminds us that there is no such thing as a vulnerability that disappears forever. In fact, they often come back evolved, with the ability to do more damage. Signature-based security technologies such as antivirus and intrusion prevention systems (IPS) can only support as many signatures as the current threat landscape allows. It is important that you ensure that your operating systems are patched on time. Also, always make sure that you take out of service systems with outdated/unmaintained software, including operating systems.”
The security researchers at Check Point Research continuously analyze the threat landscape, both the different actors and the malware used in attacks, in order to become aware of new attack vectors at an early stage and to be able to constantly develop the protection of their own solutions.