Intrusion PreventionBackdoor.Havoc.Agent
Description
This indicates detection of backdoor traffic using the Havoc Framework.
Backdoor trojans have the capability to connect to remote hosts and perform actions against the compromised system. Havoc is a post-exploitation command and control framework.
Affected Products
Any unprotected Windows system is vulnerable to the attack.
Impact
System Compromise: Remote attackers can gain control of vulnerable systems.
Recommended Actions
This signature's action can be set to "Block" to block this application.
Please use Anti-Virus software to scan and clean the system.
Telemetry
Coverage
| IPS (Regular DB) | |
| IPS (Extended DB) |
Version Updates
| Date | Version | Detail |
|---|---|---|
| 2024-02-26 | 26.739 | Sig Added |
| 2023-04-12 | 23.534 | Default_action:pass:drop |
| 2023-03-21 | 23.517 |
References
https://github.com/HavocFramework/Havoc| ID | 52655 |
| Created | Feb 23, 2023 |
| Updated | Mar 04, 2024 |
| Risk |
|
| CVE ID | |
| Default Action | drop |
| Active | |
| Affected OS | Windows |
| Affected App | Other |