Malware.Sinkhole
Description
This indicates an attempt to connect to a malware sinkhole server.
Government agencies and researchers sometimes sinkhole malware DNS addresses to prevent connection to C&C servers. If a computer attempts to connect to a sinkhole server, it's most likely infected with malware.
Affected Products
Any unprotected system is vulnerable.
Impact
System Compromise: Remote attackers can gain control of vulnerable systems.
Recommended Actions
Please use Anti-Virus software to scan and clean the infected device.
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |