Rodney-dannevig
Explorer

infected with techunity.tc.b

I have an entry in Infected Devices on the Check Point 790 Appliance saying the router is infected with techunity.tc.b.

I found it because I am having an issue with an RDP brute-force attack originating from the external IP of the same Check Point.

I do have RDP NAT but to another server with IP restrictions.

I turned off the RDP NAT and it still happens originating from the router.

Any suggestions would be great.

 

1 Solution

Accepted Solutions
PhoneBoy
Admin

Not sure why you posted this in the DevSecOps group.
Also, “the router is infected”: what precise information did you see?
Screenshots (redacting sensitive data) would be helpful, as would the precise firmware version and build.

Some details about the malware in question: https://threatpoint.checkpoint.com/ThreatPortal/threat?threatType=malware&threatId=32312779
General remediation steps: https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solut...


3 Replies
Rodney-dannevig
Explorer

Sorry about that, will close the question.

PhoneBoy
Admin

I moved it to the correct place, all good.
