We're gradually updating threat actor names in our reports to align with the new weather-themed taxonomy. Learn about Microsoft threat actor names
Trojan:HTML/Brocoiner.C
Aliases: No associated aliases
Summary
Microsoft Defender Antivirus detects and removes this threat.
This malware is a JavaScript cryptocurrency miner that is being served on web pages. When a computer visits one of these web pages, this JavaScript malware launches locally and uses the computer's resources to mine cryptocurrency. Such mining activities can be resource intensive and can cause visiting computers to slow down.
Known samples of this malware have been observed mining Monero coin, a type of cryptocurrency. These samples were found in websites providing:
- Streaming videos
- Adult materials
- Shopping
Some sites hosting this malware appear legitiate and might have been compromised for this purpose.
This malware is a variant of the Trojan:HTML/Brocoiner coinminer family.
Learn more about this type of threat: Invisible resource thieves: The increasing threat of cryptocurrency miners
Use the following free Microsoft software to detect and remove this threat:
- Microsoft Defender Antivirus for Windows 10 and Windows 8.1, or Microsoft Security Essentials for Windows 7 and Windows Vista
- Microsoft Safety Scanner
- Microsoft Windows Malicious Software Removal Tool
You should also run a full scan. A full scan might find hidden malware.
Use cloud protection
Use cloud protection to help guard against the latest malware threats. It’s turned on by default for Microsoft Security Essentials and Microsoft Defender Antivirus for Windows 10.
Go to Settings > Update & security > Windows Defender > Windows Defender Security Center > Virus & threat protection and make sure that your Cloud-based Protection settings is turned On.
Get more help
You can also visit our advanced troubleshooting page or search the Microsoft virus and malware community for more help.