Scribd Logo
Upload

Welcome to Scribd!

  • SI-20190430-Virus Infected Website Access

    Uploaded by

    THE MOOD
    1 views2 pages
    A downloader trojan infected site was accessed by a user, which had the capability to download malicious files or an updated version of itself to users' PCs. The firewall blocked the infected websites temporarily. Users were informed not to access the sites, and the website owners were notified through the Manager IS to improve security. The incident was reported and addressed by Priyashantha Fernando, the Senior Engineer of Network & Security.

    Original Description:

    Original Title

    SI-20190430-Virus infected website access (2)

    Copyright

    © © All Rights Reserved

    Available Formats

    DOCX, PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document
    A downloader trojan infected site was accessed by a user, which had the capability to download malicious files or an updated version of itself to users' PCs. The firewall blocked the infected websites temporarily. Users were informed not to access the sites, and the website owners were notified through the Manager IS to improve security. The incident was reported and addressed by Priyashantha Fernando, the Senior Engineer of Network & Security.

    Copyright:

    © All Rights Reserved
    Download as DOCX, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    1 views2 pages

    SI-20190430-Virus Infected Website Access

    Uploaded by

    THE MOOD
    A downloader trojan infected site was accessed by a user, which had the capability to download malicious files or an updated version of itself to users' PCs. The firewall blocked the infected websites temporarily. Users were informed not to access the sites, and the website owners were notified through the Manager IS to improve security. The incident was reported and addressed by Priyashantha Fernando, the Senior Engineer of Network & Security.

    Copyright:

    © All Rights Reserved
    Download as DOCX, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    of 2

    NETWORK & SECURITY INCIDENT REPORT

    Ceylon Petroleum Storage Terminals LTD


    Date: 2019-04-30 INCIDENT #SI-20190430-001
    The Incident: Virus infected website access
    (Downloader trojan)

    Incident Type: Virus incident


    Severity:Critical
    Status : Blocked by forti firewall

    Description of Incident:

    Fortigate Analyzer :
    A downloader trojan infected site access. Once an user visit
    the site. The infected file will start downloading to the
    users PC.

    JS/Agent.DW!tr.dldr is classified as a downloader trojan.


    Downloader Trojan has the capability to download other
    malicious files or an updated version of itself.
    The Fortinet Anti-Virus Analyst Team is currently in the
    process of creating a detailed description for this virus.
    Corrective Action Taken:

    Block the websites from firewall temporary.

    Preventive Action Taken:

    Informed users not to use the said websites further informed.


    Informed the the websites owners through Manager IS (to
    provide information security service to a Sri lankan reputed
    organization)

    Reported By: Priyashantha Fernando (Snr, Engineer : Network &


    security)
    Date : 2019/04/30

    Action Taken By : Priyashantha Fernando (Snr, Engineer :


    Network & security)
    Date : 2019/04/30

    You might also like