Microsoft Raises Alarm As 80,000 Computers Are Attacked by Crypto-Stealing Bug, Dexphot

The Defender ATP research team from Microsoft is raising a very serious alarm. They are providing the details on a newly-discovered digital currency-stealing bug. It is clearly a big issue as a total of almost 80,000 computers have already been affected.

On the 26th of November, security analysts from Microsoft came to the public with their discovery of this devastating malware.

The name of the bug is Dexphot, and it is so lethal that it has already infected almost 80,000 devices. It is believed that it has been on a rampage since October 2018 and that it reached its highest in the month of June this year.

How It Works

The manner of the function of the bug is truly an interesting one. It is believed that this malicious bug takes over a vulnerable system and coordinates its processes. And does this in a way that it masks its own horrible activity. The main essence of the bug is to start its own parallel system of mining digital currencies on the device that it has hijacked.

That explains its description as a crypto-stealing bug. And even more intriguing thing about this bug is that whenever the users have detected it and they make attempts to get rid of it, something nastier happens.

Normal monitoring services and programmed tasks that are set by the computers owners, will ensure that there is a new infection. So, there is really no easy way to get rid of this bug that runs amok on so many systems.

The report went on the explain the true nature of the bug. It is not the kind of attack that gets the attention of the entire public. It is actually one of the numerous malware campaigns out there that are very active on a constant basis. The essence here is to get the installation of a coin miner done. This silently infiltrates the computer systems, do all the mining and the attackers end up smiling all the way to the bankers. Meanwhile, those who are owners of the infected systems are left to count the losses.

The Dexphot malware is very similar in several ways to the bug that was recently discovered with WAV audio files. This kind of malware campaign gives room for hackers to make use of CPU miners to gain access to the device of the victim. They steal all the processing resources of the system in question. This way, they are able to make thousands of dollars on a monthly basis just from the mining of cryptocurrency alone.

These types of bugs are becoming more prevalent among hackers. This is because they allow the attackers to make money while they work in the background without the user getting to know about it.

This practice is widely known as cryptojacking and it is giving security experts sleepless nights. Just last October, it was all over the news as to how a principal antivirus software supplier ESET noticed a trojanized Tor browser that was set up to steal cryptocurrency from those who were customers on the darknet.

Source