The malware attack started in Russia and spread to other countries such as Turkey and Ukraine, and to almost all of Asia. According to a report released by Microsoft, the attack began on March 6. Furthermore, the security software Windows Defender managed to stop nearly 80,000 attacks in a very short time. The infiltration attempts, however, were carried out using different methods, which gave the attackers an upper hand.
The Microsoft team stated that the attempts were identified immediately and that the same malware infection was detected on roughly 400,000 Windows PCs worldwide in just 12 hours.
Dofoil’s M.O. on Windows
The Trojan’s primary target was the Windows Explorer file. Dofoil identified the targeted file and tried to replace it with an infected version. If the attack had been successful, a program called wuauclt.exe would have appeared as a regular process in the task manager. While this particular Trojan is not new, its creators have continuously changed and improved its code so it can bypass operating systems almost undetected.
Microsoft representatives stated that users running Windows 7, 8.1 and 10 were protected within a few minutes of the first infiltration attempts. However, users who had Windows Defender turned off might still be infected.
This episode is similar to the one in February 2018, when a virus infected more than 500,000 Windows PCs. At that time, researchers stated that the cyberattackers were able to mine 9000 Monero by infecting unpatched versions of Windows. The areas most affected by Smominru were Russia, India, and Taiwan.
With Dofoil, It’s Never Over
While Microsoft managed to stop the attacks, it suspects that this is just one episode in a future series of attempts. With the Trojan’s creators continually updating the code and adapting it to new technologies, the software company believes that users should remain cautious. Besides that, the hackers are very ambitious when it comes to infecting PCs, smartphones, and TVs to mine cryptocurrencies. And the more machines they have under their control, the higher the profit.