Pi Capital
Date of publication: 28 November 2019
Microsoft researchers have detected the infection of 80,000 devices with a hidden miner Dexphot


The Microsoft Defender ATP research group spoke about a new version of malware for hidden mining of cryptocurrencies, which already infected about 80,000 computers.

Microsoft security analysts have discovered that a hidden miner called Dexphot has already infected nearly 80,000 devices since October 2018, peaking in June this year.

Malicious code is reportedly taking control of system processes to hide its work, and its ultimate goal is to launch a cryptocurrency miner on an infected device. When a user tries to remove malware, monitoring services and scheduled tasks trigger reinfection. A Microsoft report says:

“Dexphot is not the type of attack that attracts media attention. This is one of the countless malicious campaigns that always exist. The virus pursues one of the most popular goals of cybercriminals - the installation of a hidden cryptocurrency miner that imperceptibly consumes computer resources and generates income for attackers. ”

Recently, ESET, a cyber-security company, said criminals are using YouTube’s video service to spread a miner virus for covert mining of Monero cryptocurrency. Recall that in September it became known about the discovery of a new virus-miner Skidmap for the Linux operating system.

Alexey Shternshis
Pi Capital Union

Back to the list