The spread of a Dofoil cryptomining campaign was contained this week in part because of the Windows endpoint security platform for Windows 10, according to Microsoft researchers.
Researchers write that, using "behavior-based signals coupled with cloud-powered machine learning models," Windows Defender Antivirus initially blocked 80,000 instances of the Dofoil Trojan, which carried a cryptomining payload, "within milliseconds."
Over a 12-hour period, 400,000 instances total were stopped. The spread was contained in part due to Defender's cloud protection service, which shares threat intelligence with other machines running Defender on Windows 7, 8.1, or 10. (Microsoft extended support for Defender to Windows 7 and 8.1 in February.)
Dark Reading's Quick Hits delivers a brief synopsis and summary of the significance of breaking news events. For more information from the original source of the news item, please follow the link provided in this article.