icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons_061

Stuxnet Infected Host Detection

Synopsis

The remote host has been compromised and is running a 'Backdoor' program

Description

The remote host is running the Stuxnet trojan. This was determined based on the RPC UUID. Stuxnet is a Trojan which uses multiple vulnerabilities to infect and spread to nearby hosts. Ultimately, the Trojan attempts to gain access to a SCADA network.

Solution

Manually clean the infected machine