APT34.Web.Shell

Description

This indicates an attempt to use a web shell created by APT34.
APT34, also known as OilRig, is a hacker group with suspected Iranian origins that has targeted Middle Eastern and international victims since 2014. In April 2019, its hacking tools were leaked to the public.

Affected Products

Any compromised server

Impact

System Compromise: Remote attacker can gain control of vulnerable systems.

Recommended Actions

Remove the malicious aspx file from the server.

Coverage

IPS (Regular DB)
IPS (Extended DB)

Version Updates

Date Version Detail
2019-05-23 14.619 Default_action:pass:drop
2019-05-08 14.609