EMTAllianz
Level 2

Malware CRQAPXHK.WLU?

Hi all,
we have the Ransomware Threat Massage for CRQAPXHK.WLU on our Beacon Server?
Is this a part of the Flexera Beacon process?
We have similar messages several times on the print servers. But these are not threats only "strange name changes" that are required for a process / scan.

1 Reply
ChrisG
Community Manager Community Manager
Community Manager

I have not heard of any false positive threat reports for this ransomware being triggered by the FlexNet Beacon Servers software.

In the absence of any information or insight which might suggest a contrary approach, I would be inclined to immediately disconnect the beacon from the network in response to a message like this to allow your security teams to verify whether this is a real threat.

(Did my reply solve the question? Click "ACCEPT AS SOLUTION" to help others find answers faster. Liked something? Click "KUDO". Anything expressed here is my own view and not necessarily that of my employer, Flexera.)