Behavior monitoring & machine learning capabilities behind Windows Defender’s successful defusing of Dofoil

Microsoft’s homegrown antivirus, Windows Defender, recently prevented a major coin mining malware epidemic, Dofoil. It blocked more than 80,000 instances of several sophisticated trojans that exhibited advanced cross-process injection techniques, persistence mechanisms, and evasion methods. Windows Defender’s successful strike was possible thanks to its behavior monitoring and cloud-powered machine learning capabilities.

Windows Defender

As soon as Dofoil’s unusual persistence mechanism was spotted through behavior monitoring, signals were immediately sent to the cloud protection service, says Microsoft. The following describes the sequence of actions that happened in the background:

  1. At the first detection of unusual activity, within milliseconds, multiple metadata-based machine learning models in the cloud started blocking the threats.
  2. Seconds later, Microsoft’s sample-based and detonation-based machine learning models also verified the malicious classification. Within minutes, detonation-based models chimed in and added further confirmation.
  3. Within minutes, an anomaly detection alert warned of a new potential outbreak.
  4. After analysis, Microsoft’s response team updated the classification name of this new surge of threats to the proper malware families. People affected by these infection attempts early in the campaign would have seen blocks under machine learning names like Fuery, Fuerboos, Cloxer, or Azden. Later blocks show the proper family names, Dofoil or Coinminer.

As per Microsoft, Windows 10, Windows 8.1, and Windows 7 users who are running Windows Defender AV or Microsoft Security Essentials are all protected from this latest outbreak.

Windows 10 is the best-protected OS of all

As cryptocurrencies find more acceptance in the market, there will be more coin mining malware attacks in the future. Hence, to protect your PC hardware from being used by attackers to mine cryptocurrency, it is imperative that you use the best-guarded Windows OS.

Microsoft’s Windows 10 is well guarded by Windows Defender with timely security updates and live cloud protection. It has a layered approach to security, which uses behavior-based detection algorithms, generics, and heuristics, as well as machine learning models in both the client and the cloud, to provide real-time protection against new threats and outbreaks.

Windows Defender Advanced Threat Protection (Windows Defender ATP) flags malicious behaviors related to installation, code injection, persistence mechanisms, and coin mining activities. It also integrates protections from Windows Defender AV, Windows Defender Exploit Guard, and Windows Defender Application Guard, providing a seamless security management experience.

Ankit Gupta is a writer by profession and has more than 7 years of global writing experience on technology and other areas. He follows technological developments and likes to write about Windows & IT security. He has a deep liking for wildlife and has written a book on Top Tiger Parks of India.
