[Software] Lemonduck evolves and now attacks Linux

[SougarLord]

 

Several years ago a new virus called LemonDuck was discovered, which uses vulnerabilities to steal data and mine cryptocurrencies. After a long time, it has been seen that Lemonduck has evolved and now attacks the Linux system.

 

It is very rare that there is a virus that attacks Linux like the case that is presented to us today with LemonDuck. Viruses are usually made for the most widespread systems from which it is most likely to profit economically. For this reason, we almost only hear about Windows viruses, not so much about Mac or Linux viruses.

 

Linux vulnerabilities give way to LemonDuck virus

Among the new malicious functions that this new version of LemonDuck has, it is stealing credentials, deactivating computer security controls, going to the mail application and sending mass emails impersonating the identity of the sender, and opening security holes by itself to make it much easier to make future attacks. Without a doubt, it is a potentially dangerous virus, now more than it attacks Linux systems.

 

Linux is not the most widespread desktop operating system, but it is widely used in massive storage, data centers and more services due to its versatility. And now all these devices are at risk of being exposed and being used for malicious purposes. Some flaws Lemonduck can take advantage of:

 

• CVE-2019-0708,
• CVE-2017-0144
• CVE-2020-0796
• CVE-2017-8464
• CVE-2021-27065
• CVE-2021-26855
• CVE-2021-26857
• CVE-2021-26858

 

We are advised to patch and fix these security flaws if we can. Although this virus is especially focused on users in China, we must not lower our guard because it has been seen in systems in the United States, United Kingdom and the European Union, among others. In addition, despite the fact that in this news we have emphasized that LemonDuck attacks Linux users, if we have Windows we will also be exposed, so we have to review the files and our security systems.

Source: LinuxAdictos