Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

Stuxnet Infected Host Detection

Critical

Synopsis

The remote host has been compromised and is running a 'Backdoor' program

Description

The remote host is running the Stuxnet trojan. This was determined based on the RPC UUID. Stuxnet is a Trojan which uses multiple vulnerabilities to infect and spread to nearby hosts. Ultimately, the Trojan attempts to gain access to a SCADA network.

Solution

Manually clean the infected machine