Lemon Duck Cryptocurrency-Mining Botnet Activity Spikes

2020-10-13 20:41

Researchers are warning of a recent dramatic uptick in the activity of the Lemon Duck cryptocurrency-mining botnet, which targets victims' computer resources to mine the Monero virtual currency.

Researchers warn that Lemon Duck is "One of the more complex" mining botnets, with several interesting tricks up its sleeve.

While the botnet has been active since at least the end of December 2018, researchers observed an increase in DNS requests connected with its command-and-control and mining servers since the end of August, in a slew of attacks centered on Asia.

"Cisco Talos has identified activity in our endpoint telemetry associated with Lemon Duck cryptocurrency mining malware, affecting three different companies in the government, retail, and technology sectors," said researchers with Cisco Talos, in Tuesday research.

Other modules include a main spreading module, a Python-based module packaged using Pyinstaller, and a killer module designed to disable known competing mining botnets.

News URL

https://threatpost.com/lemon-duck-cryptocurrency-botnet/160046/

#botnet #cryptocurrency #mining #spike