
Microsoft says Windows Defender saved half a million PCs from crypto-mining malware

March 9, 2018 By discountbonus_sd3n3h



According to Microsoft, Windows 10's built-in antivirus software, Windows Defender, protected against a malware epidemic that struck almost 500,000 PCs this week.

Just before midday on March 6, Windows Defender blocked 80,000 suspected attacks by a new group of trojans. They had never been seen before and weren't yet in Microsoft's threat database, but were identified based on their behaviour, which matched patterns commonly seen in malware. Within the next 12 hours, Defender recorded and thwarted another 400,000 instances.

The trojans were new variants of Dofoil (also known as Smoke Loader) – a type of malware that installs other software on the victim's device. Dofoil has been menacing PC users in various forms since 2011, but the payload keeps changing to keep up with the times. This time, it was a cryptocurrency mining program that would hijack the host's hardware.

How Dofoil spreads

According to McAfee, Dofoil trojans usually arrive in email attachments – often embedded as macros in Microsoft Word documents. There are other routes though; in January, criminals targeted users in Germany looking for a patch for the Spectre and Meltdown bugs by creating a fake information page that appeared to be hosted by the German Federal Office for Information Security. The site appeared to offer a download link for the latest patch, but actually installed a variant of Dofoil.

Antivirus is essential and there are browser extensions that block webpages from loading cryptocurrency mining software, but the best way to protect yourself is caution – don't open attachments in unexpected emails and always check URLs before clicking.

The sheer scale of this attack makes it unusual, but Windows Defender isn't the only antivirus software to use behavioral analysis (also known as zero-hour protection) – it's something you'll find in all the security suites in our roundup of the best antivirus software.
