1. Symantec/
  2. Security Response/
  3. Attack Signatures/
  4. System Infected: W32.Meteit Activity

System Infected: W32.Meteit Activity

Severity: High

This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.

Description

This signature detects traffic generated by W32.Meteit which could lead to further infection of the affected system.

Additional Information

When W32.Meteit is executed, it performs the following actions:

It connects to the following C and C URLs:

hxxp://malev1ch.com/rtl/sign.php
hxxp://lev1tan.com/rtl/sign.php
hxxp://malev1ch.com/rtl/cef.php
hxxp://lev1tan.com/rtl/cef.php

Affected

  • Windows
  • Twitter
  • Facebook
  • LinkedIn
  • Google+
  • YouTube