Topic: [2018-03-10] Hackers Target 400,000 Computers with Mining Malware (Read 149 times)

Oh I was thinking about a scenario wherein the malware is already on the machine but okay you obviously know a lot more in information security than me haha.  This just goes to show that there is no full proof protection from hackers with malicious intent.

Browser hijacking via Javascript miners is probably the biggest threat amongst all mining malware right now, and antiviruses are not that great at preventing them. People usually recommend to use adblockers and noscript extensions, and while it does work, it also makes a lot of sites unusable, because Javascript provides interactivity and better user experience and is just required to even visit so many sites. So users have to be always cautious and monitor their resource activity while they browse to spot any suspicious behavior.

Thank God for Windows Defender.  This just goes to show how important it is to have anti-malware on your machine and to keep it up to date. Having an anti-virus on your system is sometimes not enough, updates would help the software to identify new forms of threats and intrusions.

I hear about this mining viruses before , that hackers make big mining botnets with 20-30-50k pc and mining from them crypto .
I just wanna impress how much they mining from so many pcs of PC hardware.

More than 400,000 personal computers have been attacked in a large-scale attempt to distribute cryptocurrency mining malware. The hackers used sophisticated trojans to infect PCs mostly in Russia, but also in Turkey, Ukraine, and other countries. The coordinated assault lasted more than 12 hours.


The complex malicious software has been trying to overcome antivirus defenses for more than 12 hours on March 6. According to Microsoft, the majority of the attacked computers, 73%, were located in Russia, followed by Turkey with 18% and Ukraine – 4%. Other countries have also been affected.

“Windows Defender blocked more than 80,000 instances of several sophisticated trojans that exhibited advanced cross-process injection techniques, persistence mechanisms, and evasion methods”, the research team developing Microsoft’s AV software announced. More than 400,000 users have been targeted, Bleeping Computer reports.

The behavior-based and cloud-powered machine learning models included in Windows Defender detected the trojan attack in its early stage, the researchers said. The threat was identified by the antivirus program, which started blocking further attempts within minutes.

According to the Windows Defender team, the Dofoil malware used in the attack tried to penetrate the explorer.exe process of the operating system and inject malicious code. Then, another explorer.exe was supposed to download and run the cryptocurrency miner masked as a legitimate Windows binary – wuauclt.exe. The antivirus software was able to detect these attempts, as the process was running from a different location on the hard drive.

More info - https://news.bitcoin.com/hackers-target-400000-computers-with-mining-malware/