Skip to main content
Security Performance Management
Continuous Monitoring
Vendor Risk Management
Trust Management Hub
Cyber Insurance
National Cybersecurity

Malware Server Findings

Ingrid

⇤ Compromised Systems Findings

The Malware Servers risk vector is an indication that a system is engaging in malicious activity, such as phishing, fraud, or scams. A company’s network is hosting malware that is meant to lure visitors to a website or send a file that injects malicious code or viruses.

SPM App: Findings ➔ Findings Table

CM App:

  1. Select a company from your Companies List.
  2. Go to Vendor Risk ➔ Findings

Insurance App:

  1. Select a company from your Companies List.
  2. Go to Client Risk ➔ Findings

Bitsight API: GET /v1/companies/entity_guid/findings?risk_vector=malware_servers

Finding Details

*Availability varies based on the detection mechanism.

The details include the data in Findings, Compromised Systems details, and also the following information:

Field Description
C&C Domain*

The domain name of the affected server, which is likely the C&C server or is a sinkhole. A device acting as part of a botnet was seen communicating with this server.

To evade firewall filtering, this field occasionally lists a non-malicious domain.
Listening Port This port was observed to be open and accepting traffic (listening) on the compromised device.
Protocol The network protocol used in the communication attempt.
  • October 29, 2024: Findings Table navigation instructions moved from Risks to a new Findings section in the menu.
  • January 19, 2024: Navigation by application.
  • April 6, 2021: Forensics integrated into Findings.

Related articles

Feedback

0 comments

Please sign in to leave a comment.