NEW BLOG POST: Windows Defender AV’s behavior monitoring coupled with cloud-powered machine learning models uncovered and blocked a massive Dofoil (Smoke Loader) coin mining campaign. Read the post
Alert level: Severe Detected with Windows Defender Antivirus
Also detected as: No associated aliases
Windows Defender detects and removes this threat.
It can install browser add-ons that claim to protect you from other add-ons. These add-ons can make changes to your home page and also install Win32/Sefnit.
This trojan might have been installed by a member of the Win32/Brantall family.
More details are available in the Win32/Rotbrow family description.