NAME: Network security identifies program/traffic as virus.
SEVERITY: 1
LOCATION: Cannot determine exact location/time
REPRODUCIBILITY: ALWAYS
DESCRIPTION: The network security in my apartment automatically flags battleforge as a virus when I try to play it online and sends me an autogenerated email about it within 5 min of loading the game. The network we use is a communal network, so I don't have access to the firewalls/security.
ADDITIONAL INFORMATION: The email I was sent is pasted below.
Hello!
For your user id z51552 / network socket id z51552
a infection with a malware was reported. One of your connected devices
might be infected.
Additional information to this case:
Malwaretype: TROJAN ABUSE.CH SSL Blacklist Malicious SSL certificate detected (Dridex/Trickbot CnC)
IP-Address: 212.201.77.144
Timestamp: 2018-09-06 18:02:17+02:00
Reference: Snort ID 2021013
For your own safety, please check all the connected devices for a virus
infection. Please also keep in mind, that in case of a infection
all stored or entered data (Logins, credit card numbers,
bank account, ...) might be now in the hand of third persons.
In case of doubt, please take actions accordingly.
You can get information and help at the US Cert website using the
following short-link: http://1.usa.gov/VHaeIa
If a malware detection is detected multiple times, the network
socket may be automatically disabled.
This is an automated Message.