A new piece of malware employing remarkable trickery and stealth has been released in the wild recently. The threat is dubbed “f0xy” and was first noticed by Websense.
The Strategy of F0xy
What makes the new malware particularly hazardous is its ability to change its C&C (command and control) server dynamically. F0xy can also download and execute arbitrary files.
The threat leverages VKontakte, a Russian social network. To download files, f0xy uses Microsoft’s Background Intelligent Transfer Service.
The new malware aims to download CPUMiner, a crypto-currency miner, and employ the affected computer as a miner, thus generating a large profit for the developer.
Experts with Websense Security Labs report that f0xy has been spotted downloading a 64-bit version of CPUMiner. The malware then executes the crypto-currency miner. The threat author can then assign other “workers” to mine in the interest of the user’s account.
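As an added example (not from the original article or from Websense's analysis), the Python sketch below triages BITS transfer events for downloads from hosts outside an expected set, which is where a BITS-based downloader like the one described above would surface. The allowlist, the sample messages (modelled on the "job started" text of the BITS client operational log) and every host name are constructed assumptions.

```python
import re
from urllib.parse import urlsplit

# Assumption: hosts this environment expects BITS to contact (tune per site).
ALLOWED_SUFFIXES = ("windowsupdate.com", "microsoft.com")
EXECUTABLE_EXT = (".exe", ".dll", ".scr", ".msi", ".bat", ".ps1")

# Constructed sample messages shaped like the "job started" text of the
# Microsoft-Windows-Bits-Client/Operational log; hosts are placeholders.
SAMPLE_EVENTS = [
    "BITS started the WU Client Download transfer job that is associated with the "
    "http://download.windowsupdate.com/c/msdownload/update.cab URL.",
    "BITS started the Font Download transfer job that is associated with the "
    "http://files.example.net/pack/tool64.exe URL.",
    "BITS started the sync transfer job that is associated with the "
    "https://cdn.example.org/data/config.json URL.",
    "BITS started the Updater transfer job that is associated with the "
    "http://windowsupdate.com.example.net/kb.cab URL.",
]

EVENT_RE = re.compile(
    r"BITS started the (?P<job>.+?) transfer job "
    r"that is associated with the (?P<url>\S+) URL\."
)

def host_allowed(host):
    """True only for an allowed domain or a genuine subdomain of one."""
    host = host.lower().rstrip(".")
    return any(host == s or host.endswith("." + s) for s in ALLOWED_SUFFIXES)

def triage(messages):
    """Return (job, url, reasons) for each BITS transfer that needs review."""
    findings = []
    for msg in messages:
        m = EVENT_RE.search(msg)
        if not m:
            continue  # not a "job started" message
        parts = urlsplit(m["url"])
        if host_allowed(parts.hostname or ""):
            continue  # expected update traffic
        reasons = ["host not on allowlist"]
        if parts.path.lower().endswith(EXECUTABLE_EXT):
            reasons.append("executable payload")
        if parts.scheme != "https":
            reasons.append("cleartext transfer")
        findings.append((m["job"], m["url"], reasons))
    return findings

if __name__ == "__main__": print(*triage(SAMPLE_EVENTS), sep="\n")
```

The suffix check compares whole domain labels, so a lookalike such as `windowsupdate.com.example.net` is still reported.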
The Cunning F0xy and Its Mining Workers
The main idea behind the f0xy malware is “The more – the merrier!” The more computers get infected with f0xy, the more crypto-currency will be mined for the attackers.
Websense analyst Carl Leonard stresses the sophisticated strategies cyber criminals are now employing: using other people's computers to download and execute files, so the attackers can get their hands on the money. He expects more threats to lurk in the “noise of legitimate traffic” in 2015.
F0xy Acts as a Downloader
Leonard says that the main function of f0xy is to operate as a downloader, so hypothetically speaking, the malicious code can drop any piece of malware. At the moment, f0xy is testing the weak barriers, according to the researchers, but it still poses a serious threat.
Experts warn that malware authors are increasingly using legit websites to hide their malicious activities and avoid detection.
How to Protect Your System from Malware Infiltration?
- Do not open email attachments from unknown sources
- Select your download sources carefully
- Delete chain emails from your inbox
- Download and install a trustworthy anti-malware program
- Perform regular backups of your important files
- Update your web browser, operating system, and email program on a regular basis
- Do not click on messages and links from unknown sources
- Check your credit reports and accounts every day
- Keep your AV program updated