Potentially unwanted program or browser extension installed
Description
AlphaSOC detected network traffic to a destination that is commonly associated with potentially unwanted programs (PUPs) and browser extensions. These software packages and extensions are often free, but track user activities online, serve pop-up advertisements, and can lead to the installation of malware. As such, they introduce unnecessary risk within the environment and should be removed.
Impact
Unwanted programs can potentially collect sensitive data, modify browser settings, and inject malicious content into web pages. Adversaries often use these methods to gain initial access to a system by exploiting vulnerabilities in web browsers or tricking users into installing seemingly benign extensions that contain hidden malicious functionality.
Severity
Severity | Condition |
---|---|
Medium | Potentially unwanted program or browser extension installed |
Investigation and Remediation
Investigate the affected system to identify the specific unwanted program or extension. Review recent user activities, browser history, and installed software. Remove the malicious component and scan the system for additional threats. Analyze network logs to determine if the unwanted software has communicated with external servers.