Intrusion Prevention
SolarWinds.SUNBURST.Backdoor
Description
This indicates that SUNBURST Backdoor C2 communication was detected in the network.
Affected Products
SolarWinds Orion Platform versions 2019.4 HF 5, 2020.2 with no hotfix installed, or with 2020.2 HF 1
Impact
System Compromise: Remote attackers can gain control of vulnerable systems.
Recommended Actions
This signature's action can be set to "Block" to block this application.
Please use Anti-Virus software to scan and clean the system.
Also follow the latest advisory from the vendor.
https://www.solarwinds.com/securityadvisory