<ul><li>LemonDuck, a crypto-mining malware, targets Windows servers by exploiting vulnerabilities in Microsoft's Server Message Block (SMB) protocol, including CVE-2017-0144.</li><li>The malware has evolved with credential theft capabilities, detection evasion techniques, and multiple attack vectors.</li><li>SOC Prime Platform offers detection rules to identify LemonDuck attacks and enhance threat detection.</li><li>LemonDuck malware uses EternalBlue vulnerability, phishing emails, brute-force attacks, and PowerShell to infiltrate networks and mine cryptocurrency.</li></ul>

LemonDuck Malware Detection: Exploits CVE-2017-0144 and Other Microsoft’s Server Message BlockSMB Vulnerabilities for Cryptocurrency Mining

Discover more