Endpoint Protection

 View Only

  • 1.  RAT W32.Extrat Activity

    Posted Jan 30, 2013 08:39 AM
    good

    I can indicate the date on which the attack was detected:

    RAT W32.Extrat Activity

    http://www.symantec.com/security_response/attacksignatures/detail.jsp?asid=26353

    thank you very much

     



  • 2.  RE: RAT W32.Extrat Activity

    Posted Jan 30, 2013 08:43 AM
    HI, Check this blog https://www-secure.symantec.com/connect/blogs/w32extrat-syrian-conflict-used-deliver-xtreme-rat


  • 3.  RE: RAT W32.Extrat Activity

    Posted Jan 30, 2013 08:48 AM

    Yes the definition date is available on the link you posted. Are you having an issue with it?



  • 4.  RE: RAT W32.Extrat Activity
    Best Answer

    Trusted Advisor
    Posted Jan 31, 2013 02:34 AM

    Hello,

    Yes, W32.Extrat was discovered on November 12, 2012.

    W32.Extrat is a worm that spreads by copying itself to removable drives and P2P networks. It also opens a back door and steals information from the compromised computer.

    Check this - 

    http://www.symantec.com/security_response/writeup.jsp?docid=2012-111221-3742-99

    BLOG from Symantec Security Response Team

    W32.Extrat: Syrian Conflict Used To Deliver Xtreme RAT

    http://bit.ly/WJB1Mt

    Hope that helps!!



  • 5.  RE: RAT W32.Extrat Activity

    Posted Jan 31, 2013 02:53 AM

    The current definitions should clean up this threat, are you having any issues with the threat not being detected?