A new crypto-mining botnet is spreading on the internet and affecting Windows 10 users. Researchers were able to discover the “Lemon Duck” crypto mining botnet and how it is affecting people all over the world.
The botnet is mining Monero (XMR) and it has been expanding massively in recent weeks. The worrying thing about this Monero botnet is the fact that it is difficult to detect.
What is the “Lemon Duck” Mining Botnet
As previously mentioned, the “Lemon Duck” mining botnet is affecting a large number of Windows 10 computers from all over the world. According to a report released by Cisco’s Talos Intelligence Group, Lemon Duck was able to bring cryptocurrency miners back into the spotlight.
It is clear that attackers are always changing the way in which they operate and affect the entire community. This is why the Lemon Duck mining bot has been expanding.
In order to infect computers, the botnet starts with a PowerShell loading script that has been copied from other systems. Lemon Duck will be downloaded and driven by the main module. In order to spread and infect users, the botnet uses a wide range of COVID-19 related subjects that contain an infected attachment for users.
It is worth taking into consideration that the Lemon Duck botnet is able to spread through networks in many different ways compared to other botnets that have been detected in the past.
On the matter, the report reads as follows:
“The Lemon Duck botnet has more ways to spread across a network than most malware we see. During our research, we recorded 12 independent infection vectors, ranging from standard copying over SMB shares to attempts using vulnerabilities in Redis and the YARN Hadoop resource manager and job scheduler.”
In order to work, the miner will be downloading tools to make its work more efficient and difficult to detect for Windows users. Some Linux systems have already been affected as well. The mining botnet is currently working with the XMR cryptocurrency that is easy to send and receive and it also protects senders and receivers from other individuals.
Monero is one of the largest cryptocurrencies in the world. It allows users to send and receive transfers and remain protected. The XMR digital asset uses a wide range of features that allow individuals to have their information, such as wallet address and funds transacted, protected and private.