Hackers Target 400,000 Computers with Mining Malware

More than 400,000 personal computers have been attacked in a large-scale attempt to distribute cryptocurrency mining malware. The hackers used sophisticated trojans to infect PCs mostly in Russia, but also in Turkey, Ukraine, and other countries. The coordinated assault lasted more than 12 hours.

Also read: New Monero Mining Malware Sends Proceeds to Kim Il Sung University, North Korea

Several Countries Affected, Russia Hit Harder

The complex malicious software has been trying to overcome antivirus defenses for more than 12 hours on March 6. According to Microsoft, the majority of the attacked computers, 73%, were located in Russia, followed by Turkey with 18% and Ukraine – 4%. Other countries have also been affected.

Hackers Target 400,000 Computers with Mining Malware“Windows Defender blocked more than 80,000 instances of several sophisticated trojans that exhibited advanced cross-process injection techniques, persistence mechanisms, and evasion methods”, the research team developing Microsoft’s AV software announced. More than 400,000 users have been targeted, Bleeping Computer reports.

The behavior-based and cloud-powered machine learning models included in Windows Defender detected the trojan attack in its early stage, the researchers said. The threat was identified by the antivirus program, which started blocking further attempts within minutes.

According to the Windows Defender team, the Dofoil malware used in the attack tried to penetrate the explorer.exe process of the operating system and inject malicious code. Then, another explorer.exe was supposed to download and run the cryptocurrency miner masked as a legitimate Windows binary – wuauclt.exe. The antivirus software was able to detect these attempts, as the process was running from a different location on the hard drive.

The Malware Mined Electroneum

Suspicious traffic was generated by the malware, when the coinminer tried to contact its command and control server located on the Namecoin network infrastructure. The malicious software was programmed to mine Electroneum. The cryptocurrency uses “app based mobile mining”, according to its website.

Microsoft claims that Windows 10, 8.1, and Windows 7 computers with installed Windows Defender or Microsoft Security Essentials have been protected automatically. According to Bleeping Computer, other antivirus programs have most likely detected the threat as well. Dofoil has been a known and active malware strain for several years now.

Hackers Target 400,000 Computers with Mining MalwareMalicious scripts have become a popular instrument for hackers trying to steal computing power in order to mine cryptocurrencies. There have been attempts to use popular platforms, like Facebook Messenger and Youtube, to spread mining malware. In multiple reports, cybersecurity firms have warned about attempts to hijack personal computers and even smartphonesto mine different coins.

According to a recent study by Kaspersky Lab, hackers are also targeting industrial enterprises, trying to take advantage of their computers and servers. Attacks on automated control systems have increased in the past year. From California-based electric car manufacturer Tesla, to a water purifying plant in Europe, a growing number of companies and institutions have reported attacks, despite their investments in cybersecurity.

Do you think your computer has been targeted by crypto mining malware? Tell us in the comments section below.


Images courtesy of Shutterstock. 


Make sure you do not miss any important Bitcoin-related news! Follow our news feed any which way you prefer; via Twitter, Facebook, Telegram, RSS or email (scroll down to the bottom of this page to subscribe). We’ve got daily, weekly and quarterly summaries in newsletter form. Bitcoin never sleeps. Neither do we.

Related articles

Coincheck to Start Compensating Hack Victims and Resume Operations Next Week

Posted On 10th March 2018
Repayment Beginning Next Week

Hacked Japanese exchange Coincheck is getting ready to start compensating its customers next week as it plans to resume operations. The exchange has been slapped with two business impr [...]

Credit Card Aims to Pay Users 1% Crypto Back Rewards

Posted On 10th March 2018
A Credit Line That Offers Crypto-Back Rewards for Every Purchase

A new type of credit card aims to pay users cryptocurrency rewards rather than the typical ‘cash back’ incentives offered by traditional cards. The San Francisco based startup Blockrize aim [...]

Wirex Launching Bitcoin Debit Cards in Europe

Posted On 10th March 2018
Crypto Cards Back in Europe

New crypto debit cards, with multiple currency accounts in GBP, EUR, USD, and BTC are offered by Wirex in Europe. The first plastic Visa cards were issued on Thursday, according to med [...]

Hackers Target 400,000 Computers with Mining Malware

Posted On 7th March 2018
Several Countries Affected, Russia Hit Harder

More than 400,000 personal computers have been attacked in a large-scale attempt to distribute cryptocurrency mining malware. The hackers used sophisticated trojans to infect PCs mostl [...]