HackWareNews
News, ethical hacking, cyber crime, network security
Voiced by Amazon Polly

BitTorrent Software Update Hijacked 400,000 – PCs Last Week – Trojanized

Voiced by Amazon Polly
>

A substantial malware uprising last week that spread the cryptocurrency mining malware to 400,000 computers within few hours was due to a backdoor of the BitTorrent names MediaGet.  Also known as Dufoil  or Smoke Loader, it works by dropping a cryptocurrency miner software as a payload on infected Windows machines and as a result that mine Electroneum (digital coins) by using CPU cycles.

The Smoke Loader campaign was uncovered by Microsoft Windows Defender R&D team that affected computers in Ukraine, Russia and Turkey. Defender team blocked the campaign before any severe damage could be done.

It took about 12 hours to spread the malware to a huge audience and it was not mentioned by Microsoft how this happened.

Few days back, once investigation took place Microsoft disclosed that the attack was targeted to update mechanism of MediGet software and pushed the trojanized software to users.

“A signed mediaget.exe downloads an update.exe program and runs it on the machine to install a new mediaget.exe. The new mediaget.exe program has the same functionality as the original but with additional backdoor capability,” the researchers team explain in a article post published on 14 March”

 

Get real time updates directly on you device, subscribe now.

Leave A Reply

Your email address will not be published.

This site uses Akismet to reduce spam. Learn how your comment data is processed.