Dexphot Malware Cryptojacked 80,000+ Computers | Avast

Dexphot Malware Cryptojacked 80,000+ Computers | Avast
Avast Security News Team, 29 November 2019

Plus, data-stealing apps target Twitter and Facebook users, a ransomware attack affects over 100 nursing homes, and the FBI warns the auto industry about cyberattacks



Microsoft’s security team released details about a new malware that uses sophisticated and stealthy tactics to evade detection, ZDNet reported. Dexphot, as the malware is called, runs a complicated series of actions to infect and hijack the system for crypto-mining. One of the operations employed is known as process hollowing, a fileless technique for making use of legitimate system processes by hollowing them out and filling them with malicious code. Another operation of the Dexphot malware is polymorphism, a technique that uses different names for the malicious files in an attack, varying them from one attack to the next so they cannot be added to security nets. Both of these tactics make detection especially difficult. The malware also burrows into the system’s scheduled tasks, setting up a re-infection failsafe in case any of the malware’s processes get disturbed. Once the malware senses it is being threatened, it terminates all malicious functions and then reinfects the system. With researchers tracking Dexphot since October 2018, Microsoft noted that the malware reached peak volume in June 2019 when it infected almost 80,000 systems in one day. Since then, Dexphot attacks have been dropping in number.
This week’s stat 
91% of people have left a website that was slow to load, a Harris Poll shows
Google graphic
Google gives details on state-sponsored phishing
In a blog post this week, Google explained a security operation the company ra ..

Support the originator by clicking the read the rest link below.