Jump to content

Warzone RAT CT2 - Synology DSM

wbraveheart
 Share

Recommended Posts

wbraveheart

wbraveheart 0

Posted
Posted

Hi All, 

I am an ESET Home Security user and I have been informed by my Internet Provider that my network was infected by a Warzone RAT. They specify a specific IP Port which is linked to my NAS (Synology DSM). I use my NAS to stream movies using Plex and never download movies directly on my PC.

My questions is the following:

1. I understand that RAT can only affect Windows Devices, but will ESET detect such trojan on my network?

 

Thanks for your help.

 

regards 

Link to comment
Share on other sites
  • Administrators
Marcos

Marcos 4,935

Posted
  • Administrators
Posted

If malware was running on your NAS and there would be no malicious communication with the machine with ESET installed, then it could not be detected either. The question is what communication did the ISP detect that they assume it was a RAT running on your NAS. There is a chance it could be a false positive.

Link to comment
Share on other sites
wbraveheart

wbraveheart 0

Posted
  • Author
Posted
1 hour ago, Marcos said:

If malware was running on your NAS and there would be no malicious communication with the machine with ESET installed, then it could not be detected either. The question is what communication did the ISP detect that they assume it was a RAT running on your NAS. There is a chance it could be a false positive.

Thanks Marcos. I only use my laptop to access my NAS using local IP address, so I dont know if there has been a malicious communication. 

Link to comment
Share on other sites
itman

itman 1,630

Posted
Posted (edited)

Blackberry has an article on Warzone RAT here: https://blogs.blackberry.com/en/2021/12/threat-thursday-warzone-rat-breeds-a-litter-of-scriptkiddies . The article is a bit dated and most AVs detect the the variants listed in the article.

This might be a new variant that is currently "flying under the AV radar."

Also, Warzone per se is a legit game: https://www.callofduty.com/playnow/warzone .

Edited by itman
Link to comment
Share on other sites
  • Most Valued Members
Nightowl

Nightowl 198

Posted
  • Most Valued Members
Posted
On 11/20/2023 at 11:06 AM, wbraveheart said:

Hi All, 

I am an ESET Home Security user and I have been informed by my Internet Provider that my network was infected by a Warzone RAT. They specify a specific IP Port which is linked to my NAS (Synology DSM). I use my NAS to stream movies using Plex and never download movies directly on my PC.

My questions is the following:

1. I understand that RAT can only affect Windows Devices, but will ESET detect such trojan on my network?

 

Thanks for your help.

 

regards 

Is your NAS exposed to internet?

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...