BitTorrent client responsible for coin-mining malware affecting over 400,000 PCs

Madeleine Dean By: Madeleine Dean
2 minute read
coin mining malware

Crypto-currency mining is one of the most popular search queries on Google. Everybody wants to get their hands on as many crypto-currencies as possible, and some even use dishonest strategies to reach their goal.

Microsoft recently revealed that a massive Dofoil campaign attempted to install malicious cryptocurrency miners on hundreds of thousands of Windows 10 computers.

Windows Defender saves the day

Fortunately, thanks to Windows Defender’s  advanced scanning capabilities and machine learning technologies, computers running Windows 10 were able to block this attack within milliseconds.

According to Microsoft’s report, BitTorrent client acted as a bridge to victims.

In the outbreak, which began in March 6, a pattern stood out: most of the malicious files were written by a process called mediaget.exe. This process is related to MediaGet, a BitTorrent client that we classify as potentially unwanted application (PUA).

Microsoft’s investigation revealed that the attack which took place at the beginning of March had been carefully planned since mid-February. As security engineers explained, the attackers performed an update poisoning campaign that installed a trojanized version of MediaGet on users computers.

The malware used Dofoil to deliver CoinMiner in order to use the victims’ computer resources to mine cryptocurrencies for the attackers.

Fortunately for users, the malicious process was quickly detected and blocked by Windows Defender Advanced Threat Protection.

Windows Defender AV protected customers from the Dofoil outbreak at the onset. Behavior-based detection technologies flagged Dofoil’s unusual persistence mechanism and immediately sent a signal to the cloud protection service, where multiple machine learning models blocked most instances at first sight.

This event highlights once again the importance of using a powerful security software to protect your computer against the latest threats. For more information on the best tools to use to protect your machine, check out the articles listed below:

For various PC problems, we recommend this tool.

This software will repair common computer errors, protect you from file loss, malware, hardware failure and optimize your PC for maximum performance. Fix PC issues now in 3 easy steps:

  1. Download this PC Repair Tool rated "Excellent" on TrustPilot.com.
  2. Click “Start Scan” to find Windows issues that could be causing PC problems.
  3. Click “Repair All” to fix all issues with Patented Technologies (requires upgrade).

Discussions

Next up

Update KB4470200 blocks problematic Insider build on Nuvoton PCs

Giles Ensor avatar. By: Giles Ensor
2 minute read

The cumulative update KB4470200 for Windows 10 Fast Ring has just launched in the November Patch Tuesday roll out, and it packs two important fixes. Grab […]

Continue Reading

Download KB4467697, KB4467703 to fix high CPU usage issues

Giles Ensor avatar. By: Giles Ensor
2 minute read

We continue our Patch Tuesday series. Two more updates for you in this article – KB4467697 and KB4467703, which both are an attempt to fix an issue […]

Continue Reading

Windows 10 KB4467708, KB4464455 fix black screen and camera issues

Giles Ensor avatar. By: Giles Ensor
3 minute read

In this article, we are going to be talking about two November 2018 Patch Tuesday updates – KB4467708 and KB4464455. Both these updates are quality improvement […]

Continue Reading