The world of cryptocurrencies requires users to be exceptionally safe about their investment, whether the asset is stored on an exchange, in a hardware wallet or on a desktop computer. However, Microsoft’s research team recently discovered cryptojacking malware that is present on 80,000 devices.
A new discovery made by Microsoft’s Defender Advanced Threat Protection research team revealed that up to 80,000 computers are infected with malware that steals cryptocurrencies. The virus named Dexphot can be found on nearly 80,000 desktop computers since October last year and was only discovered by Microsoft on Tuesday.
The malware works by hijacking critical system processes to prevent the user from discovering its malicious activity, i.e. the installation of a cryptocurrency miner that mines or steals cryptocurrencies stored on the device. Additionally, the malware will ‘re-infect’ the device if the user attempts to remove it.
“Dexphot is not the type of attack that generates mainstream media attention; it’s one of the countless malware campaigns that are active at any given time. Its goal is a very common one in cybercriminal circles – to install a coin miner that silently steals computer resources and generates revenue for the attacker,” reads the report.
The malware is comparable to the viruses recently found in WAV audio files that researchers at BlackBerry Cylance have discovered. The intent of this type of malware is to install CPU miners on the device of the victim. In doing so, according to a recent report, the hackers gather valuable processing resources which can generate thousands of dollars per month in revenue.
In the cryptocurrency sector, the previously mentioned type of malware is commonly known as a ‘cryptojacking’ attack. The attack is very popular among hackers as it ensures a low visibility and high returns. In October, popular antivirus software producer ESET also discovered that a trojanized Tor Browser exists that steals bitcoin from users who buy products on the darknet.