Dofoil/ Smoke Loader
Name of Malware: Dofoil/ Smoke Loader
Type of Malware: Downloader
Affected Operating Systems: Windows
Affected Device Types: PCs, laptops
Impact: medium
What is Dofoil/Smoke Loader?
Dofoil/Smoke Loader is a malware downloader.
Malware downloaders download other malware and then run it on the infected system. In the case of Dofoil/Smoke Loader, the malware downloaded may be Matsnu. Dofoil/Smoke Loader can also be expanded with additional functions using plug-ins. One of these plug-ins is designed to capture access data for e-mail accounts and FTP programs and pass this information to the operator of the malware.
How did I get infected with Dofoil/Smoke Loader?
One potential route of infection is via spam e-mail. The cyber criminals send Dofoil/Smoke Loader by e-mail, disguised as an invoice. Often, these invoices are packaged as executable files in ZIP archives. Other potential sources of infection include websites that are primed to exploit security vulnerabilities in your browser; the malware could also have been downloaded by another piece of malware that was already on your system at that time.
What do I have to do now?
Do not carry out any further sensitive transactions on your computer. There may be other malware on your system besides Dofoil/Smoke Loader. Use anti-virus software to perform a full scan of your system. If necessary, use an antivirus live CD to remove Dofoil/Smoke Loader. If you still have concerns about whether the infection has been effectively removed, you should reset the device and reinstall the operating system. Back up your personal data before wiping the system. Once your system has been reset, change all your passwords, as the perpetrators may have been able to access them.
- Short URL:
- https://www.bsi.bund.de/dok/8602800