Microsoft says Windows Defender saved half a million PCs from crypto-mining malware

March 9, 2018 By discountbonus_sd3n3h



According to Microsoft, Windows 10's built-in antivirus software, Windows Defender, halted a malware epidemic that struck almost 500,000 PCs this week.

Just before midday on March 6, Windows Defender blocked 80,000 suspected attacks by a new group of trojans. They had never been seen before and weren't yet in Microsoft's threat database, but were identified based on their behaviour, which matched patterns commonly seen in malware. Within the next 12 hours, Defender recorded and thwarted another 400,000 instances.

The trojans were new variants of Dofoil (also known as Smoke Loader) – a type of malware that installs other software on the victim's device. Dofoil has been menacing PC users in various forms since 2011, but the payload keeps changing to keep up with the times. This time, it was a cryptocurrency mining program that would hijack the host's hardware.

How Dofoil spreads

According to McAfee, Dofoil trojans usually arrive in email attachments – often embedded as macros in Microsoft Word documents. There are other routes though; in January, criminals targeted users in Germany looking for a patch for the Spectre and Meltdown bugs by creating a fake information page that appeared to be hosted by the German Federal Office for Information Security. The site appeared to offer a download link for the latest patch, but actually installed a variant of Dofoil.

Antivirus is essential and there are browser extensions that block webpages from loading cryptocurrency mining software, but the best way to protect yourself is caution – don't open attachments in unexpected emails and always check URLs before clicking.

The sheer scale of this attack makes it unusual, but Windows Defender isn't the only antivirus software to use behavioral analysis (also known as zero-hour protection) – it's something you'll find in all the security suites in our roundup of the best antivirus software.


Disclaimer: All the links on this page are ‘affiliate links’. This means we will earn commission from every customer we refer from this website. Our reviews are honest, we wouldn’t waste your time or put our reputation on the line by recommending anything we didn’t fully believe in.
