- Lemon Duck attacks have surged within the past two months, with most targets being Windows users.
- The malware infects computer systems to mine Monero.
Security researchers at Cisco’s private cyber threat intelligence and research team, Talos Intelligence, recently warned about the increased activity of Lemon Duck, another digital currency mining botnet. The information shared by the cyber-security company showed that the attacks are increasingly spreading amongst computer systems running on Windows 10 for the past one month.
Lemon Duck attacks
As reported, the Lemon Duck botnet has already been in existence for the last two years. However, the crypto-hijacking attack suddenly increased within the last two months, with the major target being Windows 10 users. Basically, the malware inflicts computer systems to harness its computational power to mine digital currencies, particularly Monero (XMR), a privacy-focused digital currency.
According to the researchers, the massive increase in Lemon Duck attacks was propelled by the coronavirus pandemic. The malware first spreads to a computer system through an infected coronavirus-related email. Afterward, it will automatically spread the infected file to whatever contact is found on the system via Outlook.
Unending Monero malware
The emails contain two malicious files, one of which exploits a vulnerability in Microsoft system services, thereby making the Windows users (mostly Windows 10) the most vulnerable to the crypto hijacking attacks. Part of the information warned about how dangerous the Lemon Duck malware can be.
Once a computer system is affected, the malware hijacks the CPU or GPU, with which it constantly uses to mine the cryptocurrency, Monero. This can damage the hardware, given that constant mining with the processing units might result in high heat generation and might even cause explosions. Moreover, the users of the affected system will incur a high energy consumption rate.