
    Microsoft Updates on LemonDuck and LemonCat Malwares

    By Ratnesh Shinde, August 10, 2021

    The Microsoft 365 Defender Threat Intelligence Team released a comprehensive analysis of the LemonDuck and LemonCat malware families, which are used to mine the cryptocurrency Monero, among other things, after gaining access to vulnerable computers.

    Microsoft reports that LemonDuck is most frequently found on devices in the “United States, Russia, China, Germany, the United Kingdom, India, Korea, Canada, France, and Vietnam,” with the majority of instances occurring in the “United States.”

    In addition, the malware makes use of flaws in both Windows and Linux, allowing it to cast a wide net in its hunt for prospective victims.

    LemonDuck has been active since at least 2019, so it isn’t a new danger. After a few months, it caught the attention of security firms such as Trend Micro and Cisco Talos. From around the beginning of January, however, there appeared to be two distinct versions of the malware, which had many features in common but also differed in several significant respects.

    Even though both operating structures make use of the LemonDuck malware, Microsoft claims that they are “operated by two distinct entities” with “distinct goals.”

    The company says it is aware of two distinct operating structures that both use the LemonDuck malware but “may be operated by two distinct entities” with “distinct goals.”

    Microsoft opted to retain the LemonDuck name for the first operational structure and chose a new name, LemonCat, for the second.

    “The LemonCat infrastructure is used in attacks that usually result in backdoor installation, credential and data theft,” according to Microsoft.

    “The infrastructure is used in attacks that usually end in backdoor installation, credential and data theft, and malware distribution,” according to the researchers. A company spokesperson said that LemonCat attacks are often more dangerous than attacks based on LemonDuck, but this does not mean that the latter is entirely risk-free.

    LemonDuck and LemonCat also have a lot in common.

    “They both utilise identical subdomain names and the same task titles, such as ‘blackball.’ The Duck and Cat infrastructures are quite similar in their design.

    Both infrastructures also make use of the same bundled components, which are hosted on similar or identical sites, for their mining, lateral movement, and competition-removal scripts, as well as many of the same function calls, which are used by both infrastructures as well.”

    The firm also supplied a chart comparing LemonDuck and LemonCat across the different phases of the attack process.

    When the LemonDuck infection is discovered, Microsoft plans to publish a companion piece that will include “in-depth technical analysis of the malicious actions that occur as a result of the infection,” as well as “guidance for investigating LemonDuck attacks, as well as mitigation recommendations for strengthening defences against these attacks.”

    For the time being, however, LemonDuck and LemonCat are notable for their wide reach, their ability to affect various operating systems, their ways of spreading over networks, and their capacity to continue functioning long after they were first discovered by researchers (or, at the very least, long after the first publication describing LemonDuck’s method of attack).

    The malware can also have a significant effect on the hardware it infects.

    In addition to affecting the performance of other applications, cryptocurrency mining may increase the load on components and result in higher electricity consumption. In this way, LemonDuck’s operators get the Monero they have mined without having to deal with any of the negative aspects of the process themselves.

    Consequently, the best-case scenario for a LemonDuck or LemonCat infection is that it causes hardware issues so that its Monero miners can run.

    While that is better than the worst-case scenario, which leaves the system exposed to additional vulnerabilities and the theft of information and passwords, the difference isn’t significant. With these lemons, there’s no lemonade to be made.
