Lemon Duck Continues to Evolve: How to Protect Yourself

Lemon Duck is a dangerous malware that was initially created by hackers for cryptojacking and later transformed into a malware loader to penetrate Windows and Linux machines and steal the data of users. After a PC is infected, the malware detects and eliminates other viruses and upgrades the patches. This ensures that these viruses will not enter the victim's device again, thus establishing malicious monopoly over it.

The virus is truly dangerous due to its wide variety of distribution channels (including email, USB, network devices, etc.) and cross-platform nature (both Windows and Linux affected), thus enabling more extensive coverage for hackers.

Lemon Duck and other viruses can be detected by a few indirect signs, like slower device operation and network connection. For example, Lemon Duck tries to enable remote access and data transfer to a third-party server.

To protect against Lemon Duck attacks, Microsoft recommends using Microsoft 365 Defender designed to secure the Office 365 service package. However, the software does not cover other attack vectors and thus cannot completely protect a device against the virus. Therefore, it is recommended that users combine Microsoft 365 Defender with a reliable antivirus that timely updates malware signature databases and carries out real-time security checks of all files and processes started on the device.

Furthermore, prompt (ideally automatic) software upgrades are also recommended as they often contain critical security patches. Another rule of thumb is to be cautious when downloading documents and using third-party USB devices, etc.