Windows Defender protects Windows 10 from hidden mining

According to a study conducted by Microsoft, illegal cryptocurrency mining is now the most popular type of cyberattack, especially after the rapid increase in cryptocurrency prices. Microsoft used Windows Defender Antivirus to conduct the study and found that an average of 640,000 systems were attacked each month from September 2017 to January 2018.

Through virus programs hosted on websites, cybercriminals gain access to user power and use it to illegally mine cryptocurrencies.

Hidden mining is becoming a trend because it allows cybercriminals to make profits faster than with any other type of attack. For example, in the case of a ransom attack, the victim still needs to be convinced to pay for the decryption key. And with hidden mining, the victim does not even know that he is a victim. 

Microsoft explains that miners often exploit software vulnerabilities to compromise systems.

One such example is the DDE (Application Desktop Engine) vulnerability in Microsoft Windows operating systems, which itself contains malicious code and is recognized by Windows Defender as Trojan:Win32/Coinminer. In this case, the attack is carried out through a Word document that is infected with Exploit:O97M/DDEDownloader.PA and uses a PowerShell script recognized as Trojan:PowerShell/Maponeir.A. When you open such a document, a program for hidden mining of the Monero coin is automatically downloaded.

The updated Windows Defender program now blocks mining attacks. In addition, Windows recommends switching to the Windows 10 S operating system, which malware cannot yet hack. 

According to http://news.softpedia.com