Menu
Reply
mihaiudrea
  • 1
  • 0
  • 0
Joining in
481 Views
Message 1 of 5
Flag for a moderator

malware letter

Hello!

We just got a letter in the post from Virgin Media stating that a "not-for-profit organisation" has detected conficker malware on our internet traffic.

Since there's only one machine running Windows in our household and at the time of said detection the machine was running Kali Linux, I'm curious who and how detected conficker in my traffic and if it's possible to get my hands on that captured traffic and have a look for myself.

There's no contact details on that letter, it just points me towards virginmedia.com/malware which is basically a landing page to sell some "Gadget Rescue" rubbish. 

0 Kudos
Reply
Anankha
  • 2.13K
  • 162
  • 484
Problem sorter
432 Views
Message 2 of 5
Flag for a moderator

Re: malware letter

Do you have a Hub 3 & broadcasting a guest network? If so then someone may have connected to the free wifi & this is what the ‘organisation’ has picked up.

0 Kudos
Reply
Graham_A
  • 15.72K
  • 2.2K
  • 6.76K
Very Insightful Person
Very Insightful Person
428 Views
Message 3 of 5
Flag for a moderator

Re: malware letter

Do you mean a guest network on the home account or the Virgin Media hot spot?  As I understand it the VM hotspot uses a separate network with a different WAN address and would not track back to the home account.

________________________________
Graham

I'm a Very Insightful Person, I'm here to share knowledge, I don't work for Virgin Media, I'm a VM customer. There are no guarantees that my advice will work. Learn more

Have I helped? Click Mark as Helpful Answer or use Kudos to say thanks

0 Kudos
Reply
Anankha
  • 2.13K
  • 162
  • 484
Problem sorter
394 Views
Message 4 of 5
Flag for a moderator

Re: malware letter

Either really Graham.
If the hotspot wouldn’t track back to the account then we can rule that out.

0 Kudos
Reply
用心棒
  • 5.67K
  • 634
  • 1.97K
Very Insightful Person
Very Insightful Person
368 Views
Message 5 of 5
Flag for a moderator

Re: malware letter

Kali Linux, was this a virtual instance?

If you believe it was a false positive consider contacting Shadowserver for more information here https://www.shadowserver.org/contact/

 

As a Very Insightful Person, I'm here to share my knowledge. I don't work for Virgin Media.

Click to learn more about VIP

  Use Kudos to say thanks

  Mark as Helpful Answer if I've helped

0 Kudos
Reply