Malicious pop-up traffic

ID: popup_traffic
Data type: DNS, HTTP
Severity: Low
MITRE ATT&CK: TA0001:T1189

Description

AlphaSOC detected network traffic associated with malicious pop-ups, often utilized in drive-by download attacks. These attacks typically involve pop-ups containing misleading information or fake warnings designed to trick users into compromising their systems.

Impact

Malicious pop-ups can cause users to inadvertently download malware, share sensitive information, or grant unauthorized access to their devices, which may result in financial loss, data breaches, or the system becoming part of a botnet.

Severity

Severity | Condition
Informational | Malicious pop-up traffic

Investigation and Remediation

Identify the source of the pop-ups and all potentially compromised websites. Perform a malware scan on affected systems and remove any suspicious software.
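
One way to identify the source of the pop-ups from HTTP proxy logs is to walk the Referer chain of each flagged request back to the first site the client visited. This is an added example, not AlphaSOC code. The CSV log layout, the function names and the `.example` hostnames are assumptions made for illustration, and the flagged host set would come from the alert itself.

```python
import csv
from io import StringIO
from urllib.parse import urlsplit

# Constructed sample proxy log (not real traffic).
# Assumed columns: timestamp, client IP, requested URL, Referer ("-" if absent).
SAMPLE_LOG = """\
2024-05-01T10:00:01Z,10.0.0.5,http://news.example/article,-
2024-05-01T10:00:02Z,10.0.0.5,http://ads.example/serve.js,http://news.example/article
2024-05-01T10:00:03Z,10.0.0.5,http://popup.example/warning,http://ads.example/serve.js
2024-05-01T10:00:04Z,10.0.0.7,http://blog.example/post,-
2024-05-01T10:00:05Z,10.0.0.7,http://popup.example/warning,http://blog.example/post
2024-05-01T10:00:06Z,10.0.0.9,http://popup.example/warning,-
"""

def host(url):
    """Lower-cased hostname of a URL, or "" when there is none (e.g. "-")."""
    return (urlsplit(url).hostname or "").lower()

def trace_popup_sources(log_text, flagged_hosts):
    """For each request to a flagged host, rebuild the per-client Referer
    chain back to the first site seen. Returns (client, timestamp, chain)."""
    last_referer = {}  # (client, host) -> Referer host of the latest request
    findings = []
    for row in csv.reader(StringIO(log_text)):
        if len(row) != 4:
            continue  # skip blank or malformed lines
        ts, client, url, referer = row
        h, ref = host(url), host(referer)
        last_referer[(client, h)] = ref
        if h not in flagged_hosts:
            continue
        chain, cur = [h], ref
        while cur and cur not in chain:  # stop on a missing Referer or a loop
            chain.append(cur)
            cur = last_referer.get((client, cur), "")
        findings.append((client, ts, chain[::-1]))
    return findings

def candidate_sites(findings):
    """Sites at the start of a chain: pages to review as possibly compromised."""
    return {chain[0] for _, _, chain in findings if len(chain) > 1}

if __name__ == "__main__":
    for client, ts, chain in trace_popup_sources(SAMPLE_LOG, {"popup.example"}):
        print(ts, client, " -> ".join(chain))
```

A chain containing only the flagged host means the Referer was missing or stripped, so the origin for that client has to be found another way, such as browser history on the endpoint.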

Known False Positives

  • A legitimate website miscategorized as malicious