Intrusion Prevention

SolarWinds.SUNBURST.Backdoor

Description

This indicates that SUNBURST Backdoor C2 communication was detected in the network.

Affected Products

SolarWinds Orion Platform versions 2019.4 HF 5, 2020.2 with no hotfix installed, or with 2020.2 HF 1

Impact

System Compromise: Remote attackers can gain control of vulnerable systems.

Recommended Actions

This signature's action can be set to "Block" to block this application.
Please use Anti-Virus software to scan and clean the system.
Also follow the latest advisory from the vendor.
https://www.solarwinds.com/securityadvisory