APT34.Web.Shell
Description
This indicates an attempt to use a web shell created by APT34.
APT34, also known as OilRig, is a hacker group with suspected Iranian origins that has targeted Middle Eastern and international victims since 2014. In April 2019, its hacking tools were leaked to the public.
Affected Products
Any compromised server
Impact
System Compromise: A remote attacker can gain control of vulnerable systems.
Recommended Actions
Remove the malicious aspx file from the server.
Coverage
IPS (Regular DB)
IPS (Extended DB)