Home » News » Microsoft claims Windows Defender has blocked 80,000 instances of Trojan Dofoil

Microsoft claims Windows Defender has blocked 80,000 instances of Trojan Dofoil

If you still don’t trust Windows Defender on Windows 10, Microsoft has another big reason for you. According to the company, Windows Defender Antivirus blocked more than 80,000 instances of several sophisticated Trojans. These were campaigned to infect nearly thousands of computer, but Defender safeguarded 500,000 computers.

These trojans where new variants of Dofoil (also known as Smoke Loader), carry a coin miner payload. There were more than 400,000 instances were recorded, 73% of which were in Russia. Turkey accounted for 18% and Ukraine 4% of the global encounters.

Source: Microsoft

Windows Defender AV initially flagged the attack’s unusual persistence mechanism through behavior monitoring, which immediately sent this behavior-based signal to our cloud protection service.

  1. Within milliseconds, multiple metadata-based machine learning models in the cloud started blocking these threats at first sight.
  2. Seconds later, our sample-based and detonation-based machine learning models also verified the malicious classification. Within minutes, detonation-based models chimed in and added additional confirmation.
  3. Within minutes, an anomaly detection alert notified us about a new potential outbreak.
  4. After analysis, our response team updated the classification name of this new surge of threats to the proper malware families. People affected by these infection attempts early in the campaign would have seen blocks under machine learning names like Fuery, Fuerboos, Cloxer, or Azden. Later blocks show as the proper family names, Dofoil or Coinminer.

Windows 10, Windows 8.1, and Windows 7 users running Windows Defender AV or Microsoft Security Essentials are all protected from this latest outbreak.

This is a huge win for Windows Defender which will help it in long term. It was all possible because WDAV uses behavior-based detection algorithms, generics, and heuristics, as well as machine learning models in both the client and the cloud, provides real-time protection against new threats and outbreaks.

 

Read more details at the official announcement. 

About Ashish

A die hard fan of Windows, Windows 10 Mobile, Windows Phone and Xbox, Loves to Do Video reviews on Windows Phone Apps, Games, Xbox Games, Xbox Tutorials. He Owns a Lumia 950 XL, Lumia 550, Lumia 1020 & BLU WIN HD LTE and have used all the Lumia Phones and Non Lumia Phones as well.