F0xy

By GoldSparrow in Malware

Threat Scorecard

Threat Level: 10 % (Normal)
Infected Computers: 1
First Seen: February 12, 2015
Last Seen: August 21, 2020
OS(es) Affected: Windows

F0xy is a malware threat that has caught the attention of PC security researchers because of the cleverness of its attack and the stealth it uses to evade detection. F0xy can change its Command and Control server dynamically in order to download and execute files on the victim's computer. Many threats have a Command and Control server to which they connect in order to download and upload data, receive orders and carry out other important functions. A vital step in fighting threats is intercepting these communications and shutting down these Command and Control servers and domains. F0xy's tactic of changing its Command and Control is especially important because F0xy may be used by other threat developers to carry out their attacks while evading detection.

F0xy Installs a Crypto-Currency Miner on Attacked PCs

Two of the main tactics associated with F0xy are using Microsoft's Background Intelligent Transfer Service (BITS) to transfer its own threatening data and taking advantage of VKontakte, a popular social network in Russia, to carry out its attacks. The main payload associated with F0xy at this time is CPUMiner, a crypto-currency miner that F0xy downloads and installs and that uses the victim's computer to mine Bitcoin and other crypto-currencies. This allows third parties to profit from installing F0xy on the victims' computers, reaping the benefits of mining crypto-currencies on a wide variety of infected computers rather than investing in expensive mining infrastructure.

How Third Parties may Generate Revenue Using F0xy

F0xy downloads the 64-bit version of CPUMiner, which is then installed and executed without the victim's knowledge. Numerous computers can be assigned as 'workers' in order to 'mine' crypto-currencies on behalf of a single currency wallet. The revenue goes up according to the number of infected computers. These types of attacks have become increasingly sophisticated, with cybercrooks using advanced tactics to make money directly at the expense of computer users.

F0xy may Hide Its Traffic in Legitimate Network Traffic

The main purpose of F0xy is to act as a downloader. Potentially, any threat could be downloaded and installed using F0xy. At this time, F0xy is being used to download and execute CPUMiner. However, F0xy could just as easily be used to download and install a banking Trojan or adware. F0xy hides in legitimate network traffic and may use compromised legitimate websites or advertising network fraud to gain access to the victims' computers. Malware analysts suspect that F0xy is still at an early stage and could become a more serious threat in the future. F0xy is still being tested: rather than being used in widespread attacks, it is being used to test potential defenses and vulnerabilities. F0xy could very easily be modified to deliver a more serious and destructive payload as part of a wider threat campaign.
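As an added example (not part of the original article and not code from the researchers it mentions), the Python below triages BITS transfer jobs for the behavior described above: a download over BITS from a host that is legitimate in general but is not an expected BITS source. The record fields, the allowlist and the sample jobs are constructed assumptions for illustration.

```python
# Added example: triage of BITS transfer jobs. Record fields and the
# allowlist are assumptions made for this illustration.
from pathlib import PureWindowsPath
from urllib.parse import urlsplit

# Hosts this (hypothetical) organisation expects to see as BITS sources.
EXPECTED_BITS_HOSTS = {"windowsupdate.com", "updates.corp.example"}
EXECUTABLE_SUFFIXES = {".exe", ".dll", ".scr", ".msi", ".ps1", ".bat"}


def host_is_expected(host, allowed=EXPECTED_BITS_HOSTS):
    """Match on a DNS label boundary so 'notwindowsupdate.com' does not pass."""
    host = host.lower().rstrip(".")
    return any(host == d or host.endswith("." + d) for d in allowed)


def triage_job(job):
    """Return the list of reasons a BITS job deserves a closer look."""
    reasons = []
    url = urlsplit(job["remote_url"])
    host = url.hostname or ""
    if not host_is_expected(host):
        reasons.append(f"unexpected source host: {host or '<none>'}")
    if url.scheme.lower() != "https":
        reasons.append(f"non-HTTPS transfer: {url.scheme or '<none>'}")
    if PureWindowsPath(job["local_path"]).suffix.lower() in EXECUTABLE_SUFFIXES:
        reasons.append("downloads an executable file type")
    return reasons


# Constructed sample records, not taken from a real host or from F0xy samples.
SAMPLE_JOBS = [
    {"name": "WU Client Download", "owner": "NT AUTHORITY\\SYSTEM",
     "remote_url": "https://download.windowsupdate.com/d/pkg.cab",
     "local_path": "C:\\Windows\\SoftwareDistribution\\Download\\pkg.cab"},
    {"name": "update", "owner": "DESKTOP\\alice",
     "remote_url": "http://files.social-network.example/doc/payload64.exe",
     "local_path": "C:\\Users\\alice\\AppData\\Local\\Temp\\payload64.exe"},
    {"name": "sync", "owner": "DESKTOP\\alice",
     "remote_url": "https://notwindowsupdate.com/a.cab",
     "local_path": "C:\\Users\\alice\\AppData\\Local\\Temp\\a.cab"},
]


def flagged_jobs(jobs=SAMPLE_JOBS):
    """Map job name -> reasons, for jobs with at least one reason."""
    return {j["name"]: r for j in jobs if (r := triage_job(j))}


if __name__ == "__main__":
    for name, reasons in flagged_jobs().items():
        print(name, "->", "; ".join(reasons))
```

The allowlist covers only hosts expected to serve BITS downloads, so a job fetching from a well-known social network is still flagged even though the domain itself is reputable.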

Protecting Your Computer from F0xy and Other Threats

If you are concerned about threats like F0xy finding their way into your computer, PC security researchers recommend the use of a skilled security program to protect your PC. All software, not only security programs, should be kept fully updated and patched. Real-time protection and a firewall are also important. However, the best thing computer users can do to protect their computers from potentially harmful components or threats is to use common sense when browsing the Web. Threats are still mainly distributed using spam email messages, corrupted advertisements and social engineering techniques. Knowing not to open suspicious links or unknown email attachments, and staying away from certain websites, is one of the best ways of avoiding threat problems such as F0xy.

Registry Details

F0xy may create the following registry entry or registry entries:
