Showing results for 
Show  only  | Search instead for 
Did you mean: 

Who Me Too'd this topic

Command & Control or Just Ads?

L2 Linker

In the last few days I have seen alerts for berbew.jb C2 traffic(192730665) and dynamer.bayo C2 traffic(192442683).  The odd thing here is that in the alert the same url is being accessed ( and this seems like it should just be web advertising.  I have checked the system with multiple AV products and it comes back clean.  


From what I have read these signatures were created by wildfire.  Perhaps there is a false positive here?  Is there somewhere that a person could get more technical details on the traffic that is sent by these C&C communications?



Who Me Too'd this topic