System Admin Stuff

Useful Posts Related to Windows,Unix,VMware,Veritas,Networking,Cluster etc.

Monday 10 May 2021

Lemon Duck botnet is targeting vulnerable Exchange servers

Unpatched Microsoft Exchange servers are being targeted by a cryptocurrency botnet.

What you need to know

  • The Lemon Duck cryptocurrency mining botnet is being used to target unpatched Microsoft Exchange servers.
  • Lemon Duck steals computer resources to mine for the Monero cryptocurrency.
  • 92% of worldwide Exchange IPs were patched or mitigated as of March 25, according to Microsoft.

Unpatched Microsoft Exchange servers continue to be targeted by malicious groups. A post by Cisco Talos explains that a cryptocurrency botnet called Lemon Duck is being used by operators to target vulnerable Microsoft Exchange servers (via ZDNet). The botnet's goal is to install a payload onto devices that can then be used to steal computer processing power to mine the Monero cryptocurrency.

Microsoft took several steps to address the effects of the Exchange server vulnerabilities. The company rolled out mitigation tools and updated Microsoft Defender Antivirus to address the issues. As of a March 25 security report from Microsoft, 92% of known worldwide Exchange IPs are patched or mitigated. Despite these efforts, there are still a large number of unpatched devices.

Talos explains why it has "medium confidence" that these recent events are related to Microsoft Exchange server vulnerabilities:

While analyzing telemetry related to ongoing Lemon Duck campaigns, we identified malicious activity being conducted on endpoints whose host names indicated they may be mail servers running Microsoft Exchange. This elevated our level of confidence that they may have been compromised by exploitation attempts targeting the previously described Microsoft Exchange vulnerabilities, with variants of known web shells being uploaded following successful system compromise.

Lemon Duck also utilizes Cobalt Strike, which is a software platform used by security penetration testers and as well as malicious actors. Using Cobalt Strike represents an evolution for Lemon Duck, according to Talos. The researchers state that using Cobalt Strike shows that the people behind Lemon Duck "continue to refine their approach to the attack lifecycle over time as they identify opportunities to increase their efficiency as well as the effectiveness of their attacks."



0 comments:

Post a Comment

Subscribe to: Post Comments (Atom)

ShortNewsWeb

Loading...

Blog Archive

Categories

'The Woks of Life' Reminded Me to Cook With All the Flavors I Love (1) 13 of the Best Spooky Episodes From (Mostly) Un-Spooky Shows (1) 1Password Now Generates QR Codes to Share Wifi Passwords (1) 2024 (14) 30 Movies and TV Shows That Are Basically 'Competence Porn' (1) 30 of the Most Obscenely Patriotic Movies Ever (1) 31 Spooky Movies to Watch Throughout October (1) 40 Netflix Original Series You Should Watch (1) Active Directory (1) Adobe's AI Video Generator Might Be as Good as OpenAI's (1) AIX (1) and Max Bundle Isn't a Terrible Deal (1) Apache (2) Apple Intelligence Is Running Late (1) Apple Intelligence's Instructions Reveal How Apple Is Directing Its New AI (1) August 18 (1) August 4 (1) August 5 (1) Backup & Restore (2) best practices (1) bleepingcomputer (44) Blink Security Cameras Are up to 68% Off Ahead of Prime Day (1) CentOS (1) Configure PowerPath on Solaris (1) Documents (2) Don't Rely on a 'Monte Carlo' Retirement Analysis (1) Eight Cleaning Products TikTok Absolutely Loves (1) Eight of the Best Methods for Studying so You Actually Retain the Information (1) Eight Unexpected Ways a Restaurant Can Mislead You (1) Elevate Your Boring Store-Bought Pretzels With This Simple Seasoning Technique (1) Everything Announced at Apple's iPhone 16 Event (1) file system (6) Find (1) Five Red Flags to Look for in Any Restaurant (1) Flappy Bird's Creator Has Nothing to Do With Its 'Remake' (1) Four Reasons to Walk Out of a Job Interview (1) Four Signs Thieves Are Casing Your House (1) gaming (1) Hackers Now Have Access to 10 Billion Stolen Passwords (1) How I Finally Organized My Closet With a Digital Inventory System (1) How to Cancel Your Amazon Prime Membership After Prime Day Is Over (1) How to Choose the Best Weightlifting Straps for Your Workout (1) How to Keep Squirrels Off Your Bird Feeders (1) How to Take a Screenshot on a Mac (1) How to Take Full Control of Your Notifications on a Chromebook (1) Hulu (1) If You Got a Package You Didn't Order (1) Important Questions (17) Install and Configure PowerPath (1) interview questions for linux (2) Is ‘Ultra-Processed’ Food Really That Bad for You? (1) Is Amazon Prime Really Worth It? (1) It Might Be a Scam (1) July 14 (1) July 21 (1) July 28 (1) July 7 (1) June 30 (1) LifeHacker (93) Linux (36) Meta Releases Largest Open-Source AI Model Yet (1) Monitoring (3) music (688) My Favorite 14TB Hard Drive Is 25% Off Right Now (1) My Favorite Amazon Deal of the Day: Apple AirPods Max (2) My Favorite Amazon Deal of the Day: Google Nest Mesh WiFi Router (1) My Favorite Amazon Deal of the Day: Google Pixel 8 (1) My Favorite Amazon Deal of the Day: SHOKZ OpenMove Bone Conduction Headphones (1) My Favorite Tools for Managing Cords and Cables (1) Nagios (2) Newtorking (1) NFS (1) OMG! Ubuntu! (688) Oracle Linux (1) oracleasm (3) osnews (21) Password less communication (1) Patching (2) Poaching Is the Secret to Perfect Corn on the Cob (1) powerpath (1) Prioritize Your To-Do List By Imagining Rocks in a Jar (1) Red Hat Exam (1) register (39) Rsync (1) Safari’s ‘Distraction Control’ Will Help You Banish (Some) Pop Ups (1) Samba (1) Scrcpy (1) September 1 (1) September 15 (1) September 2 (1) September 22 (1) September 23 (1) September 8 (1) Seven Home 'Upgrades' That Aren’t Worth the Money (1) ssh (1) Swift Shift Is the Window Management Tool Apple Should Have Built (1) System hardening (1) Target’s Answer to Prime Day Starts July 7 (1) Tech (9533) Tech CENTRAL (15) Technical stories (94) technpina (6) The 30 Best Movies of the 2020s so Far (and Where to Watch Them) (1) The 30 Best Sports Movies You Can Stream Right Now (1) The Best Deals on Robot Vacuums for Amazon’s Early Prime Day Sale (1) The Best Deals on Ryobi Tools During Home Depot's Labor Day Sale (1) The Best Early Prime Day Sales on Power Tools (1) The Best Places to Go When You Don't Want to Be Around Kids (1) The Best Strategies for Lowering Your Credit Card Interest Rate (1) The Best Ways to Store All Your Bags and Purses (1) The New Disney+ (1) The Two Best Times of Year to Look for a New Job (1) These Meatball Shots Are My Favorite Football Season Snack (1) These Milwaukee Tools Are up to 69% off Right Now (1) This Google Nest Pro Is 30% Off for Prime Day (1) This Peanut Butter Latte Isn’t As Weird As It Sounds (1) This Tech Brand Will Get the Biggest Discounts During Prime Day (1) Three Quick Ways to Shorten a Necklace (1) Today’s Wordle Hints (and Answer) for Monday (3) Today’s Wordle Hints (and Answer) for Sunday (11) Try 'Pile Cleaning' When Your Mess Is Overwhelming (1) Ubuntu News (345) Ubuntu! (1) Unix (1) Use This App to Sync Apple Reminders With Your iPhone Calendar (1) veritas (2) Videos (1) Was ChatGPT Really Starting Conversations With Users? (1) Watch Out for These Red Flags in a Realtor Contract (1) Wayfair Is Having a '72-Hour Closeout' Sale to Compete With Prime Day (1) We Now Know When Google Will Roll Out Android 15 (1) What Is the 'Die With Zero' Movement (and Is It Right for You)? (1) What Not to Do When Training for a Marathon (1) What's New on Prime Video and Freevee in September 2024 (1) Windows (5) You Can Easily Add Words to Your Mac's Dictionary (1) You Can Get 'World War Z' on Sale for $19 Right Now (1) You Can Get a Membership to BJ's for Practically Free Right Now (1) You Can Get Beats Studio Buds+ on Sale for $100 Right Now (1) You Can Get Microsoft Visio 2021 Pro on Sale for $20 Right Now (1) You Can Get This 12-Port USB-C Hub on Sale for $90 Right Now (1) You Can Get This Roomba E5 Robot Vacuum on Sale for $170 Right Now (1) You Can Hire Your Own Personal HR Department (1) You Can Set Different Scrolling Directions for Your Mac’s Mouse and Trackpad (1)

Recent Comments

Popular Posts

Translate

My Blog List

Popular

System Admin Share

Loading...

Total Pageviews

Copyright © System Admin Stuff | Powered by Blogger
Published By Blogger Template | Design By ThemePix.com | Blogger Theme By Premium Blogger Templates