Install the app
How to install the app on iOS

Follow along with the video below to see how to install our site as a web app on your home screen.

Note: This feature may not be available in some browsers.

Threat Prevention A network trojan was detected

As an Amazon Associate, we may earn commissions from qualifying purchases. Learn more...

362
96
NAS
DS418play
Router
  1. RT2600ac
  2. MR2200ac
Operating system
  1. macOS
  2. Windows
Mobile operating system
  1. iOS
From my wife's laptop I'm getting this event every minute:

Code:
alert tcp $HOME_NET any -> $EXTERNAL_NET any (msg:"ET POLICY Crypto Coin Miner Login"; flow:to_server,established; content:"|7b 22|method|22 3a|"; depth:10; fast_pattern; content:"|22|login|22 2c|"; distance:0; within:9; content:"|22|params|22 3a|"; distance:0; within:10; content:"|7b 22|login"; nocase; distance:0; within:8; content:"agent|22 3a|"; nocase; distance:0; metadata: former_category POLICY; reference:md5,d1082e445f932938366a449631b82946; reference:md5,33d7a82fe13c9737a103bcc4a21f9425; reference:md5,ebe1aeb5dd692b222f8cf964e7785a55; classtype:trojan-activity; sid:2022886; rev:3; metadata:affected_product Any, attack_target Client_Endpoint, deployment Perimeter, tag Bitcoin_Miner, signature_severity Audit, created_at 2016_06_09, malware_family CoinMiner, performance_impact Low, updated_at 2017_10_12;)

Should I be worried? Is this a trojan on the laptop? I started antivirus but it says it's ok.
 
Malwarebytes should purge that from your computer. If not, go here for assistance. Or here.
 
Malwarebytes is the best! Cleaned everything. Maybe I need to reconsider my antivirus program and buy Malwarebytes Premium.

Thank you for pointing me to the right direction, Telos.
 
You're welcome. I use Malwarebytes for on-demand scans. I'm not sure I would purchase it for its background protection. But many do.
 
Have been using the free Sophos AV for Mac for years, mainly cos it's free and we have friends that use Windows. It's now Sophos Home and free for 3 Macs or 3 PCs. Use a different email account to get another 3. Generally it's been ok and found mail attachments that should have been already blocked as spam.

@wwwampy Good to see your investment in the SRM router has already helped to detect this infection.
 
Last edited:
Currently, I'm using F-Secure paid version. Got it from work with license for 3 years. But funny, Malwarebytes found that trojan. No, actually, my router found it first! :)

Yes, I'm cool with RT2600ac. Way better then my previous one and even the wi-fi range is great.
 

Create an account or login to comment

You must be a member in order to leave a comment

Create account

Create an account on our community. It's easy!

Log in

Already have an account? Log in here.

Thread Tags

Tags Tags
network

Welcome to SynoForum.com!

SynoForum.com is an unofficial Synology forum for NAS owners and enthusiasts.

Registration is free, easy and fast!

Trending content in this forum

Back
Top