Inside Out Security Blog   /     /  

Threat Update 32 - Lemon Duck Floats on Exchange ProxyLogon Vulnerability

Threat Update 32 - Lemon Duck Floats on Exchange ProxyLogon Vulnerability

What’s better than cryptocurrency? FREE cryptocurrency, right? Not if you’re one of the many victims of the Lemon Duck cryptomining botnet who is footing the bill for the “free” (to them) mining operations.

Not content to rest on their laurels, this ever-evolving cryptocurrency botnet started targeting Exchange servers vulnerable to ProxyLogon.

Join Kilian and Kyle Roth from the Varonis Incident Response Team as they discuss this new botnet functionality, and how Varonis helped detect, investigate, and respond to this attack in the field.

Articles referenced in this video:
Bleeping Computer: Microsoft Exchange exploits now used by cryptomining malware
Microsoft blog: Analyzing attacks taking advantage of the Exchange Server vulnerabilities

Not sure how to check if you are vulnerable to ProxyLogon? This video walks you through the use of some of the free vulnerability checker tools: https://youtu.be/WK_38f_rFpw​

👋To learn how else we can help, please visit us at: https://www.varonis.com/help/​

Varonis customers also get access to great educational content to help support them on their journey: https://www.varonis.com/how-to-videos/

We're Varonis.

We've been keeping the world's most valuable data out of enemy hands since 2005 with our market-leading data security platform.

How it works