On March 8th, more than half a million Windows PCs in Russia, Ukraine and Turkey came under attack from a new strain of malware. The attack was carried out by a cryptocurrency miner, using malware that spread rapidly to over 500,000 computers in a span of 12 hours. The aim of the malicious miner was to use the infected computers to mine Electroneum coins, using the process hollowing technique.
The malware, a variation of the Dofoil malware (also called Smoke Loader), was quickly detected by Windows Defender, the Windows anti-malware, which was then able to analyze it and stop it from spreading. Using the Microsoft cloud, Windows Defender was able to stop the malware from spreading to other computers running the Windows 7, 8 and 10 operating systems, along with blocking it on the computers under immediate threat.
Windows stated on their blog:
Windows Defender Antivirus blocked more than 80,000 instances of several sophisticated trojans that exhibited advanced cross-process injection techniques, persistence mechanisms, and evasion methods. Behavior-based signals coupled with cloud-powered machine learning models uncovered this new wave of infection attempts.
Rafael Danner, a security analyst at Kaspersky Labs, says,
“Our computers are our lifelines and for many our livelihoods, so go ahead and invest a little and get your anti-virus software updated already. There are a lot of people out there who want what you have.”
Patrick Weber, a blockchain developer from Prague, says,
“So a lesson learned for many and an eye opener for the rest.”
The post Windows PCs across Russia and Eastern Europe attacked by Mining Malware to mine Electroneum [ETN] appeared first on AMBCrypto.