From my wife's laptop I'm getting this event every minute:
Should I be worried? Is this a trojan on the laptop? I started antivirus but it says it's ok.
Code:
alert tcp $HOME_NET any -> $EXTERNAL_NET any (msg:"ET POLICY Crypto Coin Miner Login"; flow:to_server,established; content:"|7b 22|method|22 3a|"; depth:10; fast_pattern; content:"|22|login|22 2c|"; distance:0; within:9; content:"|22|params|22 3a|"; distance:0; within:10; content:"|7b 22|login"; nocase; distance:0; within:8; content:"agent|22 3a|"; nocase; distance:0; metadata: former_category POLICY; reference:md5,d1082e445f932938366a449631b82946; reference:md5,33d7a82fe13c9737a103bcc4a21f9425; reference:md5,ebe1aeb5dd692b222f8cf964e7785a55; classtype:trojan-activity; sid:2022886; rev:3; metadata:affected_product Any, attack_target Client_Endpoint, deployment Perimeter, tag Bitcoin_Miner, signature_severity Audit, created_at 2016_06_09, malware_family CoinMiner, performance_impact Low, updated_at 2017_10_12;)
Should I be worried? Is this a trojan on the laptop? I started antivirus but it says it's ok.