For over a year, Microsoft has been monitoring a malware strain they named “Dexphot” that has been infecting Windows devices since October 2018. The malware used computer resources to mine cryptocurrency and profit from the attack.
The official Monero site was found compromised after discovering a coin stealer malware in the CLI wallet that is available for download in the site. Evidence showed that the downloadable wallets were tampered with to contain the malware.
The AnteFrigus ransomware is delivered via a malvertising campaign to lure victims to the RIG exploit kit server, while the PureLocker ransomware, has been observed to launch targeted attacks against enterprise production servers.