Intrusion Prevention

APT34.Web.Shell

Description

This indicates an attempt to use a web shell created by APT34.
APT34, also known as OilRig, is a hacker group with suspected Iranian origins that has targeted Middle Eastern and international victims since 2014. In April 2019, its hacking tools were leaked to the public.

Affected Products

Any compromised server

Impact

System Compromise: A remote attacker can gain control of vulnerable systems.

Recommended Actions

Remove the malicious ASPX file from the server.