If you still don’t trust Windows Defender on Windows 10, Microsoft has another big reason for you. According to the company, Windows Defender Antivirus blocked more than 80,000 instances of several sophisticated Trojans. The campaign set out to infect thousands of computers, but Defender safeguarded 500,000 computers.
These trojans were new variants of Dofoil (also known as Smoke Loader) that carry a coin miner payload. More than 400,000 instances were recorded, 73% of which were in Russia. Turkey accounted for 18% and Ukraine 4% of the global encounters.
Windows Defender AV initially flagged the attack’s unusual persistence mechanism through behavior monitoring, which immediately sent this behavior-based signal to our cloud protection service.
- Within milliseconds, multiple metadata-based machine learning models in the cloud started blocking these threats at first sight.
- Seconds later, our sample-based and detonation-based machine learning models also verified the malicious classification. Within minutes, detonation-based models chimed in and added additional confirmation.
- Within minutes, an anomaly detection alert notified us about a new potential outbreak.
- After analysis, our response team updated the classification name of this new surge of threats to the proper malware families. People affected by these infection attempts early in the campaign would have seen blocks under machine learning names like Fuery, Fuerboos, Cloxer, or Azden. Later blocks show as the proper family names, Dofoil or Coinminer.
Windows 10, Windows 8.1, and Windows 7 users running Windows Defender AV or Microsoft Security Essentials are all protected from this latest outbreak.
This is a huge win for Windows Defender, which will help it in the long term. It was all possible because WDAV uses behavior-based detection algorithms, generics, and heuristics, as well as machine learning models in both the client and the cloud, to provide real-time protection against new threats and outbreaks.
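To check a machine against the detection names listed above, the following PowerShell sketch (an added example, not part of Microsoft's announcement) reports whether the behavior monitoring and cloud protection layers are enabled and searches Defender's detection history for those names. It assumes the built-in Defender cmdlets available on Windows 8.1 and Windows 10; the output property names are chosen here for illustration.

```powershell
# Added example; assumes the Defender PowerShell module (Windows 8.1 / Windows 10).

# Detection names quoted in the article: early machine learning names, then family names.
$names   = 'Fuery', 'Fuerboos', 'Cloxer', 'Azden', 'Dofoil', 'Coinminer'
$pattern = ($names | ForEach-Object { [regex]::Escape($_) }) -join '|'

# 1. Are the protection layers the article credits switched on?
$status = Get-MpComputerStatus
$pref   = Get-MpPreference
[pscustomobject]@{
    RealTimeProtection = $status.RealTimeProtectionEnabled
    BehaviorMonitoring = $status.BehaviorMonitorEnabled
    # MAPSReporting: 0 = disabled, 1 = basic, 2 = advanced
    CloudProtection    = $pref.MAPSReporting -ne 0
    # Setting that controls the cloud "block at first sight" feature
    BlockAtFirstSight  = -not $pref.DisableBlockAtFirstSeen
    SignaturesUpdated  = $status.AntivirusSignatureLastUpdated
} | Format-List

# 2. Index known threats by ID so each detection can be given a name.
$threatById = @{}
Get-MpThreat | ForEach-Object { $threatById[$_.ThreatID] = $_.ThreatName }

# 3. List detections whose threat name contains any of the names above
#    (-match is case-insensitive; 'Coinminer' also matches unrelated miners).
$hits = Get-MpThreatDetection | ForEach-Object {
    $name = $threatById[$_.ThreatID]
    if ($name -match $pattern) {
        [pscustomobject]@{
            Detected   = $_.InitialDetectionTime
            ThreatName = $name
            Process    = $_.ProcessName
            Resources  = $_.Resources -join '; '
            Remediated = $_.ActionSuccess
        }
    }
}

if ($hits) { $hits | Sort-Object Detected | Format-Table -AutoSize -Wrap }
else       { 'No detections matching the listed names in Defender history.' }
```

Run it from an elevated PowerShell prompt; a standard user may see only their own detection history.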
Read more details at the official announcement.