LemonDuck, the crypto-mining malware targets both Windows and Linux Operating Systems. It also acts as a loader for follow-on attacks such as credential theft and the installation of other malware.

Infographic - LemonDuck Malware
Download Infographics

Download and share the infographic for free with employees.

How does it work?

1. The malware is delivered to user’s device via malicious email attachments (.doc, .js, .zip etc.), USBs or network drives.

2. Once downloaded, it installs a crypto-miner and gains access to control scheduled tasks in the user’s device.

3. The malware disables anti-malware products and removes competitive malware from the device.

4. Credentials and emails are collected and exfiltrated. It also deletes system recovery files.

5. The malware spreads to other devices via the network, creating a botnet of illegal crypto-miners.

We recommend the following tips

. Never download email attachments from unsolicited or unknown senders.

. Do not connect suspicious/unauthorized drives or USB devices to your official system or networks.