This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject

The Community is now in read-only mode to prepare for the launch of the new Flexera Community. During this time, you will be unable to register, log in, or access customer resources. Click here for more information.

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Malware CRQAPXHK.WLU?

EMTAllianz
By
Level 2

Hi all,
we have the Ransomware Threat Massage for CRQAPXHK.WLU on our Beacon Server?
Is this a part of the Flexera Beacon process?
We have similar messages several times on the print servers. But these are not threats only "strange name changes" that are required for a process / scan.

‎Oct 07, 2021 05:15 AM

(1) Reply

ChrisG
By Level 20 Flexeran
Level 20 Flexeran

I have not heard of any false positive threat reports for this ransomware being triggered by the FlexNet Beacon Servers software.

In the absence of any information or insight which might suggest a contrary approach, I would be inclined to immediately disconnect the beacon from the network in response to a message like this to allow your security teams to verify whether this is a real threat.

(Did my reply solve the question? Click "ACCEPT AS SOLUTION" to help others find answers faster. Liked something? Click "KUDO". Anything expressed here is my own view and not necessarily that of my employer, Flexera.)

‎Oct 07, 2021 06:15 AM