APT1-Related SSL Certificate Detected

This script is Copyright (C) 2013-2015 Tenable Network Security, Inc.

Synopsis :

An SSL certificate used in a malware-based command and control
infrastructure was detected on the remote host.

Description :

An SSL certificate associated with the group known as APT1 was
detected on the remote host. APT1's command and control
infrastructure uses several self-signed certificates to encrypt
communications in their command and control infrastructure. The
remote host appears to be using one of these certificates, which
indicates it may have been compromised.

See also :


Solution :

Determine if the system has been compromised, restore from a set of
known good backups if necessary, and investigate your network for further
signs of a breach.

Risk factor :

Critical / CVSS Base Score : 10.0

Family: General

Nessus Plugin ID: 64688 ()

Bugtraq ID:


Ready to Scan Unlimited IPs & Run Compliance Checks?

Upgrade to Nessus Professional today!

Buy Now

Combine the Power of Nessus with the Ease of Cloud

Start your free Nessus Cloud trial now!

Begin Free Trial