Over 400,000 computers have been infected with a cryptocurrency miner disguised as a BitTorrent client.
Numerous reports state that over 400,000 computers have been infected with malware known as Dofoil, which is designed to mine cryptocurrency. The majority of attacks took place in Russia, Ukraine, and Turkey. While these countries seem to be the primary target, it is critical to note that this malicious application could spread elsewhere as well. Thus, being aware of its existence and keeping your operating system secure is paramount.
Devious distribution methods and silent functionality make Dofoil hard to track
During the investigation, it was discovered that the developers of Dofoil used a dubious method to infect such a large number of computers. As it turns out, cyber crooks injected malicious code into a Russian BitTorrent client known as Mediaget. While this application is not malicious by itself, its newest update, when launched, connects to its C&C (Command-and-Control) server and downloads the cryptocurrency miner.
Unfortunately, most users did not realize that Dofoil was up and running on their operating system because of its sneaky design. According to reports, this malware was not identified by some antimalware tools because the setup file of Mediaget is signed with a verified digital signature.
Such distribution techniques are similar to the CCleaner cyber-attack, which was carried out last year. As you may recall, cyber criminals injected malicious code into an update of CCleaner. Once launched, the update replaced the original files of this application with corrupted ones, which downloaded the Floxif malware. During this particular attack, malware developers succeeded in infecting over 2 million machines.
Dofoil can make your computer unusable
Once this intrusive program is up and running on your operating system, it starts reallocating your computer's resources to mine cryptocurrencies. Like most contemporary cryptocurrency miners, it uses the resources of your CPU and GPU without any authorization. It is critical to note that the task of mining cryptocurrencies takes an enormous toll on your system. Thus, using it the way you are used to will be virtually impossible. Most users experience a significant slowdown of their PC at first; in severe cases, your computer could crash without any warning.
On top of that, it has been discovered that Dofoil could create a backdoor to your operating system. This means that there is a chance other suspicious and malicious programs could enter your operating system without much trouble. Therefore, we highly advise you to check your operating system for other dangerous software if your PC has been infected with the malware in question.
Take all the necessary measures to improve your virtual security
Nowadays, as malware developers are constantly looking to make quick illegal profits from naive Internet users, virtual security should be every user's utmost priority. To limit the chances of infecting your PC with Dofoil or any other suspicious program, you must take precautionary measures.
It is critical to note that just by using BitTorrent clients, you increase the chances of encountering dangerous and harmful applications. That is so because content spread through peer-to-peer file sharing programs is not appropriately monitored.
Also, our researchers recommend practicing safe browsing habits. Be sure to refrain from all unauthorized download sites as they can host suspicious content. Additionally, you need to pay full attention to every single setup procedure because you could come across a chance to cancel the installation of some undesirable application.
Finally, every security-conscious user must have a professional antimalware tool. Such a tool is the most important part of your virtual security because it can warn you about a dangerous website or a setup file in advance. Also, it can terminate any virtual security threat automatically.