applancer Advertise

Coordinated Malware attack led to infiltration of 400,000 PCs

Mar 10, 2018 Posted /  6011 Views

Coordinated Malware attack led to infiltration of 400,000 PCs

The anguish caused by the cryptocurrency space is rising humongous. While regulators across the world are trying to chain the largely unregulated industry, the scams, frauds have given fuel to already aggressive positions. And, now the catastrophic and self-immolating move is made by the miners who are infecting the computers worldwide.

Read More Related Articles

As reported by the media, more than 400,000 personal computers have been infiltrated in a large-scale attempt to disseminate cryptocurrency mining malware. It is noteworthy that the hackers employed sophisticated trojans to contaminate PCs majorly in Russia, but also in Turkey, Ukraine, and several other countries. The coordinated onslaught persisted for more than 12 hours.

Russia infected majorly

Reportedly, the complex malicious software which started on March 6 was fighting with the antivirus defenses for more than 12 hours and according to Microsoft, the major portion of the infiltrated computers existed in Russia (approximately 73%). The next most infected country was Turkey which accounted for 18% of the total and other was Ukraine (4%). Many computers in several other parts of the world have also been affected.

The research team developing Microsoft’s AV software announced that Malware “Windows Defender blocked more than 80,000 instances of several sophisticated trojans that exhibited advanced cross-process injection techniques, persistence mechanisms, and evasion methods”. And as told by the Bleeping Computers, more than 400,000 users have been targeted.

The researchers further stated that the behavior-based and cloud-powered machine learning models incorporated in Windows Defender caught the trojan attack in its immediate stages. The peril was recognized by the antivirus program, which commenced barring further attempts of the combined assault within minutes.

As told by the Windows Defender team, the Dofoil malware employed in the attack attempted to penetrate the explorer.exe process of the operating system and implant malicious code. After that, another explorer.exe was deemed to download and run the cryptocurrency miner concealed as a genuine Windows binary – wuauclt.exe. The antivirus software was equipped with detecting these endeavors, as the process was running from a distinct place on the hard drive.

Mining Electroneum

Shady traffic was created by the malware when the coin miner attempted to communicate its command and control server located on the Namecoin network infrastructure. Media reports say that the malicious software was programmed to mine Electroneum. According to the Electroneum website, the virtual currency uses “app-based mobile mining.”

Microsoft has justified and made claims that Windows 10, 8.1, and Windows 7 computers are inherently installed with Windows Defender or Microsoft Security Essentials and is automatically secure. As per the reports of Bleeping Computer, other antivirus programs have most reasonably identified the threat as well. Dofoil has been a well-known and powerful malware force for many years now.

Mining MalwareMalicious scripts are a successful instrument for hackers who are trying to steal computing power to mine cryptocurrencies. There have been trials to employ conventional platforms, like Facebook Messenger and Youtube, to diffuse mining malware. In recurring reports, cybersecurity firms have advised and notified about the efforts made to capture personal computers and even smartphones to mine several coins.

Even the recent study conducted by the Kaspersky Lab remarked that hackers are also directing attacks on industrial enterprises, trying to use resources of their computers and servers. Additionally, assaults on automated control systems have escalated in the past year. They have covered everyone from California-based Tesla, to a water purifying plant in Europe. Lately, a swelling number of companies and institutions have recorded attacks and hacks despite expenses paid by them for cybersecurity.

Applancer is an open platform for discussion on all things like Blockchain , Cryptocurrency and Ico news updates. As such, the opinions expressed in this article are the author's own and do not necessarily reflect the view of Applancer .

For more details on how you can submit an opinion or any news , view our Editorial Policy or email [email protected].

Tags: Malware attack cryptocurrency Cryptocurrency Mining russia

Hottest Blockchain Newsletter

For updates and exclusive offers, enter your e-mail below.