Riskware/Ammyy

description-logoAnalysis


Riskware/Ammyy is a generic detection for a type of grayware that arrives as an application installation package.
Below are typical actions done by this type of application:

  • It attempts to connect to a remote operator.

  • It may enable the remote operator to control the local machine and do following actions according to the user's configuration:
    • View the user's screen
    • Manage files
    • Audio chat
    • Remote control

recommended-action-logoRecommended Action

    FortiGate Systems
  • Check the main screen using the web interface for your FortiGate unit to ensure that the latest AV/NIDS database has been downloaded and installed on your system - if required, enable the "Allow Push Update" option.
    FortiClient Systems
  • Quarantine/delete files that are detected and replace infected files with clean backup copies.

Telemetry logoTelemetry

Detection Availability

FortiGate
FortiClient
FortiAPS
FortiAPU
FortiMail
FortiSandbox
FortiWeb
Web Application Firewall
FortiIsolator
FortiDeceptor
FortiEDR

Version Updates

Date Version Detail
2023-06-19 91.04347
2023-05-09 91.03106
2023-05-02 91.02896
2023-04-25 91.02686
2023-04-18 91.02476
2023-04-11 91.02260
2023-04-04 91.02050
2023-03-28 91.01840
2023-03-24 91.01731
2023-03-23 91.01685