Guest User!

You are not Sophos Staff.

Thread Info
  • State Verified Answer
  • +2 person also asked this people also asked this
  • Locked Locked
  • Replies 11 replies
  • Subscribers 12 subscribers
  • Views 2714 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Opera Helper.app 67.0.3575.79 C2/Generic-A

Evgenij Markovski

Just got too many alerts from many devices :

What happened: Malicious connection detected: 'C2/Generic-A' at '/Applications/Opera (1).app/Contents/Frameworks/Opera Framework.framework/Versions/67.0.3575.79/Helpers/Opera Helper.app/Contents/MacOS/Opera Helper' (Technical Support reference: 1071727604)

Path: /Applications/Opera (1).app/Contents/Frameworks/Opera Framework.framework/Versions/67.0.3575.79/Helpers/Opera Helper.app/Contents/MacOS/Opera Helper

What was detected: C2/Generic-A

How severe it is: High

 

Can you please describe the situation? What should i do?



This thread was automatically locked due to age.
Parents
  • 0

    Hi  

    The alert which you have received states that the C2 traffic has been blocked by your Firewall from the endpoints. You should be able to check the number of machines which are creating this traffic. Check the logs on the firewall about where these endpoints are trying to connect and you can block the IP from there.

    After that, you need to do the Malware remediation on each and every machine to remove the exact component which is causing the issue.

    From the path, I am assuming that you are using MAC machines. 

    Regards,

    Jasmin
    Community Support Engineer | Sophos Support
    Sophos Support VideosKnowledge Base  |  @SophosSupport | Sign up for SMS Alerts |
    If a post solves your question use the 'This helped me' link

Reply
  • 0

    Hi  

    The alert which you have received states that the C2 traffic has been blocked by your Firewall from the endpoints. You should be able to check the number of machines which are creating this traffic. Check the logs on the firewall about where these endpoints are trying to connect and you can block the IP from there.

    After that, you need to do the Malware remediation on each and every machine to remove the exact component which is causing the issue.

    From the path, I am assuming that you are using MAC machines. 

    Regards,

    Jasmin
    Community Support Engineer | Sophos Support
    Sophos Support VideosKnowledge Base  |  @SophosSupport | Sign up for SMS Alerts |
    If a post solves your question use the 'This helped me' link

Children
Unfiltered HTML