Hey, I have to keep this quite vague so that I do not concern anyone here unnecessarily.
So, I have been running this stack for a while now and have recently (1 month and 2 months ago) received notices from my ISP that some device on my network might be infected by the Bumblebee malware.
Afterwards I spent hours and days trying to figure out what might be wrong and which device might be infected, but I could not find any (also, Bumblebee is usually a Windows-exclusive malware). The weird thing in my case is that the second time was when no one was at home at all, so all devices, except my home server which also runs IGM was online and running. I checked everything, but couldn't pin it down. I also used Wireshark to monitor my network traffic, but nothing; I just see that the IGM stack is reaching out to various different URLs (which is expected from the type of service). So I stopped and didn't care about it much anymore, because everything looked clean.
Now my parents received the exact same information from the same ISP, with the same malware infection in their network. I checked everything again, and everything looked clean, but then it hit me. At my parents' home I have a small home server that usually only provides some smart home functionality (Home Assistant and zigbee2mqtt), but that I recently installed the IGM stack on.
So my current suspicion is that any of the services that IGM provides as a service might also forward traffic that is related to the Bumblebee malware. That way it would make sense that I got hit and my parents as well.
So my question is: is something like this known? Has anyone experienced this already, or does anyone know which service might be "affected"?
I am running basically all services that can provide payout via cash/PayPal, as I don't want to hassle with crypto. I do not think that any specific service is infected, but for some reason they "allowed" traffic from a malicious third party that then gets forwarded and proxied through one's home network.