Lumension® Endpoint Intelligence Center

Intelligence Center » News Archive » Researchers warn of resurgent Sefnit malware

Researchers warn of resurgent Sefnit malware


The Register - (International) Researchers at Facebook reported that the Sefnit malware has been seen in use again, but without the use of a Tor client. The malware instead establishes direct connections to one or more command and control servers using a secure Plink connection.


Note: This news synopsis is taken from the DHS Daily Open Source Infrastructure Report, a daily [Monday through Friday, except US Federal holidays] summary of open-source published information concerning significant critical infrastructure issues; a 10-day archive of the DOSIR can be found at:

Last Updated: 27 May 2016 10:20:06