Experts Comments On Dexphot Polymorphic Malware Detection

According to this link: (https://www.microsoft.com/security/blog/2019/11/26/insights-from-one-year-of-tracking-a-polymorphic-threat/,) A Dexphot campaign was first spotted in October 2018 affecting thousands of computers, with attackers upgrading the malware over the following months to a level that left little to analyse. The threat had a surge in mid-June this year, when it landed on tens of thousands of computers. Towards the end of the month the attacks subsided, less than 20,000 machines exhibiting Dexphot activity. By the end of July, the malware was seen on less than 10,000 machines every day.

For about a year, security researchers at Microsoft tracked the malware observing the combination of methods that let it slip through the cracks. Hackers used code obfuscation, encryption, randomised file names, and deploying malicious code in memory were some of the methods used to avoid detection.

About the Author

ISBuzz Team

The opinions expressed in this post belongs to the individual contributors and do not necessarily reflect the views of Information Security Buzz.

Iranian “Dream Job” Cyber Campaign Targets Aerospace Sector

Examining the Role of Asset Recovery in Safeguarding Data: Ten Points IT Professionals Should Know

An Ultimate Guide to Exchange Server Database Recovery

Working With Us

Write For Us

The Pages