Microsoft’s security engineering team has revealed a new type of malware, Dexphot, that has hijacked at least 80,000 computers around the world. The report notes that Windows devices have been infected with malware since October 2018 and peaked in mid-June, reaching more than 80,000 worldwide.
Since the software’s ultimate goal is to mine Bitcoin, not to steal user data, the technique is extremely high and is not the type of attack that attracts the attention of the mainstream media.
Staff on Microsoft’s security engineering team point out that Dexphot is extremely complex and has very specific modus operandi and technology. The complexity and development of threats that go far beyond everyday threats can bypass the protection of various security software for illegal profit.
One of its technologies is polymorphism camouflage, which can constantly change its footprint on the computer every 20-30 minutes. You can also reinstall yourself to ensure that there is enough time to dig.
Currently, microsoft is slowly slowly reducing the number of infected devices by deploying policies to improve detection rates and block attacks. As of July 31 this year, there were fewer than 10,000 units.