MALWARE-FILE-TRANSFER HackTool.Win32.EarthWrom
Rule ID
1232879
Severity
High
Description
EarthWorm is a simple network tunnel tool with SOCKS v5 server and port transfer developed by a Chinese engineer. it is popular in the cyber-attack. With this tool, the attackers are able to bypass the firewall and access the machine in a restricted network.
Impact
Others
Recommendation
Update vendor's patch.
IPS Category
Malware traffic
IPS Anomaly Group
N/A
IPS Rule Default Action
Deny
References
Keywords
Volt Typhoon
Date Created
2023/05/29
Last Updated
2023/05/29
This website uses cookies to ensure you get the best experience on our website.
Learn more