'Wacatac' malware


Microsoft Defender ATP has detected 'Wacatac' malware on one of the machines. I looked at the error further, and it shows the machine has got unwanted software.

 

C:\Program Files (x86)\ILG_BROWSERINC\ElectronUtil.exe. 

 

Looking at the description

Severity: Informational
Category: Malware
Detection source: Antivirus
Detection technology: Client, Machine Learning
Detection status: Prevented

Alert context
First activity: 21.05.2020 | 11:46:15
Last activity: 21.05.2020 | 11:47:10

Status
State: In progress
Classification: Not set
Assigned to: Arslan.Ayoob@networkhomes.org.uk

Description
Malware and unwanted software are undesirable applications that perform annoying, disruptive, or harmful actions on affected machines. Some of these undesirable applications can replicate and spread from one machine to another.
 
My question is more about this: sometimes the software doesn't exist on the user's machine, and secondly, how can we protect against hackers in this kind of attack?