Malicious activity

New User Added to Local Administrators Group

Platform(s)
  • N/A

Description

This alert indicates that a new user account has been added to the local administrator group on a Windows system. The local administrator group is a powerful group that has full control over the system, including the ability to install software, modify system settings, and access sensitive data.