- April 6, 2021: Forensics integrated into Findings.
⇤ Compromised Systems Findings
The Malware Servers risk vector is an indication that a system is engaging in malicious activity, such as phishing, fraud, or scams. A company’s network is hosting malware that is meant to lure visitors to a website or send a file that injects malicious code or viruses.
View findings from the Findings page or the Bitsight API.
Finding Details
*Availability varies based on the detection mechanism.
The details include the data in Findings, Compromised Systems details, and also the following information:
| Field | Description |
|---|---|
| C&C Domain* |
The domain name of the affected server, which is likely the C&C server or is a sinkhole. A device acting as part of a botnet was seen communicating with this server. To evade firewall filtering, this field occasionally lists a non-malicious domain. |
| Listening Port | This port was observed to be open and accepting traffic (listening) on the compromised device. |
| Protocol | The network protocol used in the communication attempt. |