
Advanced Threat Protection Detection

I have purchased a Changhong 40-inch iSmart TV to be used outside. Once I connected this TV to my network, the Advanced Threat Protection detected a threat, which turned out to be my TV.

The threat name is C2/Zbot-A. 

I have factory reset the TV but am unable to upgrade the firmware as this isn't an updated version.

So I am thinking this is a false positive. Should I add this device as an exception or just leave it and reset the ATP every now and then?

Thanks



  • Hi Aaron,

    C2/Zbot-A is the threat name associated with the command and control (C&C) servers used by members of the Zbot malware family. Zbot is a Trojan horse malware package that runs on versions of Microsoft Windows.

    ATP works in conjunction with Web Protection and IPS to provide advanced protection. Hence, the detection might have occurred as a capture from either of the two modules. Skipping a detected threat is not recommended as it exposes infected computers to the command and control servers that hackers use to potentially take control of the computer and access your network. If you are sure it's a false positive catch, you can add it into the exception.

    Thanks

  • As many devices are being used in botnets/DDoS attacks, and considering the source of the TV, I would definitely capture the traffic and decide for yourself whether it is a good idea to have it hooked up to the internet.  I am definitely not saying don't, just check it out.  It is probably a false positive, but in case it is not, better safe than sorry.

  • Interesting!  Given the amount of resources the Chinese military puts into hacking every IP in the world, I guess I wouldn't be surprised if they put a program into a smart TV that allows them access to the network it's in.

    Cheers - Bob