Microsoft says LemonDuck malware could be tricky to shift

The Microsoft 365 Defender Threat Intelligence team has provided interesting insights into the LemonDuck malware, which it describes as an “actively updated and robust malware.”

According to the researchers, LemonDuck, which is primarily known for its botnet and crypto mining activities, exploits several high-profile security bugs and also relies on older vulnerabilities while security teams are focused on patching newly discovered critical flaws.

In another interesting move, the malware will also patch vulnerabilities in the infected host, such as the widely abused ProxyLogon exploits in Microsoft Exchange servers, to stave off any competing malware.
