Category: Viruses and Spyware
Protection available since: 19 Jul 2013 12:04:27 (GMT)
Type: Malicious behavior
Last Updated: 19 Jul 2013 12:04:27 (GMT)
Prevalence: Small Number of Reports


C2/Generic-A is the threat name associated with remote command and control (C&C) servers used by malware in call-home connections.

Customers will see reports of C2/Generic-A when Sophos products have blocked network traffic to a remote C&C server. The network traffic will most likely have resulted from active malware on an infected machine that is attempting to connect to the C&C server. Such C&C connections are normally for one of the following reasons:

  • to report the infection
  • to download configuration data
  • to exfiltrate stolen data.

Reports of C2/Generic-A should trigger further investigation on the affected endpoint(s) to identify and remove any running malware.