Microsoft has announced the details of a new strain of malware that’s been doing the rounds and infecting computers around the world for over a year now.
First appearing in October 2018, the new malware – dubbed Dexphot – harnesses the resources of an infected computer to mine cryptocurrency for the people behind the malware. The bad actors can then launder the digital currencies and exchange them for real money. This results in a hefty profit for the cybercriminals while they remain anonymous.
Dexphot reached its apex around mid-June of 2018. By that point it had amassed a botnet of around 80,000 infected computers, all of which were mining for cryptocurrency without users even knowing. That botnet has shrunk somewhat recently with Microsoft issuing countermeasures to detect the malware better and prevent attacks.
One of the things that makes this malware so remarkable is that it employed incredibly complex attacks and techniques that would take a lot of effort to create. The malware took advantage of fileless execution, smart and redundant boot persistence mechanisms, and polymorphic methods.
The techniques used to create the malware are so complex that this level of redundancy is, according to Microsoft, typically only found in malware developed by advanced hacking units with government backing. The reality is that these advanced techniques are now finding their way to more common cybercriminals.