* [Blog](https://www2.paloaltonetworks.com/blog)
* [Palo Alto Networks](https://www2.paloaltonetworks.com/blog/corporate/)
* [未分类](https://www2.paloaltonetworks.com/blog/category/%e6%9c%aa%e5%88%86%e7%b1%bb/?lang=zh-hant)
* MyDoom病毒：2019依旧肆虐...

# MyDoom病毒：2019依旧肆虐

[](https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fwww2.paloaltonetworks.com%2Fblog%2F2019%2F08%2Fmydoom-still-active-in-2019%2F%3Flang%3Dzh-hans)  
[](https://twitter.com/share?text=MyDoom%E7%97%85%E6%AF%92%EF%BC%9A2019%E4%BE%9D%E6%97%A7%E8%82%86%E8%99%90&url=https%3A%2F%2Fwww2.paloaltonetworks.com%2Fblog%2F2019%2F08%2Fmydoom-still-active-in-2019%2F%3Flang%3Dzh-hans)  
[](https://www.linkedin.com/shareArticle?mini=true&url=https%3A%2F%2Fwww2.paloaltonetworks.com%2Fblog%2F2019%2F08%2Fmydoom-still-active-in-2019%2F%3Flang%3Dzh-hans&title=MyDoom%E7%97%85%E6%AF%92%EF%BC%9A2019%E4%BE%9D%E6%97%A7%E8%82%86%E8%99%90&summary=&source=)  
[](https://www.paloaltonetworks.com//www.reddit.com/submit?url=https://www2.paloaltonetworks.com/blog/2019/08/mydoom-still-active-in-2019/?lang=zh-hans&ts=markdown)  
[](mailto:?subject=MyDoom病毒：2019依旧肆虐)  
Link copied  
By [Brad Duncan](https://www.paloaltonetworks.com/blog/author/bduncan/?lang=zh-hans&ts=markdown "Posts by Brad Duncan")  
Aug 16, 2019  
2 minutes  
[未分类](https://www.paloaltonetworks.com/blog/category/%e6%9c%aa%e5%88%86%e7%b1%bb/?lang=zh-hant&ts=markdown)

This post is also available in: [繁體中文 (繁体中文)](https://www2.paloaltonetworks.com/blog/2019/08/mydoom-still-active-in-2019/?lang=zh-hant "切换到 繁体中文(繁體中文)")

![](https://www.paloaltonetworks.com/blog/wp-content/uploads/2019/08/Malicious-email-r3d2.png)

臭名昭著的MyDoom计算机蠕虫，早在2004年便被首次发现，其位列最具破坏性计算机病毒前十名，估计损失达380亿美元。尽管已经"风光"不再，现在的MyDoom在整个网络威胁环境中仍占有一席之地。比如距离现在最近的2017年，在Palo Alto Networks的双月威胁报告中我们记录了发生在欧洲、中东以及非洲地区的MyDoom活动。

在过去几年中，MyDoom的生存保持相对稳定，在我们看到的带有恶意软件附件的邮件当中，平均约占1.1%。此外，我们每个月都记录到有成千上万个MyDoom样本。大多数MyDoom邮件来自于在中国注册的IP地址，其次是来自于美国。这些邮件在全世界范围内传送，其目标主要为高科技产业、批发及零售行业、医疗行业、教育以及制造业。

本文跟踪了近几年MyDoom病毒的活动情况，并聚焦2019年上半年的发展趋势。

**MyDoom** **在** **2015-2018** **年的活动情况**

MyDoom的传播方法是通过使用SMTP (Simple Mail Transfer Protocol, 简单邮件传输协议）的电子邮件来扩散。我们对两组邮件进行了对比，一组是带有MyDoom附件的邮件，另外一组是包含其他任意类型恶意软件附件的邮件，在2015至2018年的四年当中，我们发现平均有1.1%的恶意邮件含有MyDoom。对于同一时期的个体恶意软件样本， MyDoom占全部个体恶意附件的21.4%。

为什么MyDoom邮件比MyDoom附件的占比低如此之多？这是因为，许多恶意邮件带有同一恶意样本并将其发送至成百上千个接受方。而MyDoom为多态，我们发现它针对每个邮件都有不同的文件哈希。因此，尽管MyDoom邮件数量相对较少，但在样本数量上与其他通过邮件来传播的恶意样本来比较是相对较高的。表1即为2015至2018年的统计数据，

|--------|---------------|-----------------|-----------------|---|---------|--------------|-----------------|
| **年度** | **MyDoom 邮件** | **含有恶意软件的邮件总数** | **MyDoom 邮件占比** | **MyDoom 样本** || **恶意软件样本总数** | **MyDoom 样本占比** |
| 2015   | 574,674       | 27,599,631      | 2.1%               || 87,119  | 615,386      | 14.2%           |
| 2016   | 589,107       | 77,575,376      | 0.8%               || 142,659 | 960,517      | 14.9%           |
| 2017   | 309,978       | 79,599,864      | 0.4%               || 95,115  | 340,433      | 27.9%           |
| 2018   | 663,212       | 64,919,295      | 1.0%               || 150,075 | 528,306      | 28.4%           |

*表* *1:2015-2108* *年间的* *MyDoom* *统计数据*

![](https://www.paloaltonetworks.com/blog/wp-content/uploads/2019/08/图1.jpg)

*图* *1. 2015* *年* *MyDoom* *活跃水平*

![](https://www.paloaltonetworks.com/blog/wp-content/uploads/2019/08/图2.jpg)

*图* *2. 2016* *年* *MyDoom* *活跃水平*

*![](https://www.paloaltonetworks.com/blog/wp-content/uploads/2019/08/图3.jpg)*

*图* *3. 2017* *年* *MyDoom* *活跃水平*

*![](https://www.paloaltonetworks.com/blog/wp-content/uploads/2019/08/图4.jpg)*

*图* *4. 2018* *年* *MyDoom* *活跃水平*

**MyDoom** **在** **2019** **年的活动情况**

2019年上半年MyDoom的活跃程度，与2018年全年平均水平基本持平，仅在邮件和恶意软件样本占比方面略微高一点。见表2，

|------------|-------------------|-----------------|---------------------|-------------------|--------------|---------------------|
| **年**      | **MyDoom** **邮件** | **含有恶意软件的邮件总数** | **MyDoom** **邮件占比** | **MyDoom** **样本** | **恶意软件样本总数** | **MyDoom** **样本占比** |
| 2019年1月-6月 | 465,896           | 41,002,585      | 1.1%                | 92,932            | 302,820      | 30.1%               |

*表* *2* *，* *2019* *年上半年* *MyDoom* *数据*

![](https://www.paloaltonetworks.com/blog/wp-content/uploads/2019/08/图5.jpg)

*图* *5. 2019* *年上半年* *MyDoom* *活跃水平*

不止一个月里有574个MyDoom样本出现，因此下表3中的MyDoom恶意软件样本总数与上一表中整个六个月期间的MyDoom样本总数不同。

|---------|-------------------|-----------------------|
| **月份**  | **MyDoom** **邮件** | **MyDoom** **恶意软件样本** |
| 2019年一月 | 54,371            | 14,441                |
| 2019年二月 | 47,748            | 11,566                |
| 2019年三月 | 80,537            | 18,789                |
| 2019年四月 | 92,049            | 17,278                |
| 2019年五月 | 113,037           | 15,586                |
| 2019年六月 | 78,154            | 15,846                |

*表* *3* *，* *2019* *年上半年各个月* *MyDoom* *数据*

![](https://www.paloaltonetworks.com/blog/wp-content/uploads/2019/08/图6.jpg)

*图* *6.* *图表显示* *2019* *年* *1* *月至* *6* *月间的* *MyDoom* *活跃水平*

那么这些邮件来自于何处？在2019上半年中我们发现IP地址排在前十名的国家和地区包括，

* 中国大陆: 349,454 封邮件
* 美国: 18,590 封邮件
* 英国: 10,151 封邮件
* 越南: 4,426 封邮件
* 韩国: 2,575 封邮件
* 西班牙: 2,154 封邮件
* 俄罗斯: 1,007 封邮件
* 印度: 657 封邮件
* 台湾地区: 536 封邮件
* 哈萨克斯坦: 388 封邮件

![](https://www.paloaltonetworks.com/blog/wp-content/uploads/2019/08/图7.jpg)

*图* *7. 2019* *年上半年* *MyDoom* *邮件出现的国家* */* *地区*

目标国家比来源国家更加多样且分布均匀，排在前十名的国家和地区分别是，

* 中国大陆: 72,713 封邮件
* 美国: 56,135 封邮件
* 台湾地区: 5,628 封邮件
* 德国: 5,503 封邮件
* 日本: 5,105 封邮件
* 新加坡: 3,097 封邮件
* 韩国: 1,892 封邮件
* 罗马尼亚: 1,651 封邮件
* 澳大利亚: 1,295 封邮件
* 英国: 1,187 封邮件

![](https://www.paloaltonetworks.com/blog/wp-content/uploads/2019/08/图8.jpg)

*图* *8. 2019* *年上半年* *MyDoom* *邮件发送的目标国家和地区*

那么，在这期间排在前十位最容易受到攻击的行业是，

* 高科技: 212,641封邮件
* 批发零售：84,996 封邮件
* 医疗: 49,782 封邮件
* 教育: 37,961 封邮件
* 制造: 32,429 封邮件
* 专业及法律服务: 19,401 封邮件
* 电信: 4,125 封邮件
* 金融: 2,259 封邮件
* 运输及物流: 1,595 封邮件
* 保险: 796 封邮件

当然以上结果很容易受到客户规模的影响。但是，这一数据显示中国和美国既是多数MyDoom的来源国，也是这一病毒的目标国。

**MyDoom** **的特征**

多年以来，MyDoon的传播有着相同的特征。2019年2月，人工智能和网络安全公司Cylance对MyDoom采样进行了分析，发现现在的MyDoom样本都有着类似的特征。通常情况下，邮件发送MyDoom病毒，会伪装成邮件发送失败后返回的报告，邮件标题为，

* 发送失败
* 邮件发送报告
* 邮件系统错误 -- 邮件返回
* 邮件可能无法收到
* 邮件返回：数据格式错误
* 邮件返回：详细信息参考记录

另外，我们还经常看到MyDoom邮件的标题字母排列混乱，有些标题还会呈现出以下这种形式，

* Click me baby, one more time
* hello
* Hi
* say helo to my litl friend

以下图9、图10和图11，来自于2019年7月 MyDoom 邮件样本的截屏，

![](https://www.paloaltonetworks.com/blog/wp-content/uploads/2019/08/图9.jpg)

*图* *9. 2019* *年* *7* *月的一份* *MyDoom* *邮件样本* *(1)*

![](https://www.paloaltonetworks.com/blog/wp-content/uploads/2019/08/图10.jpg)

*图* *10. 2019* *年* *7* *月的一份* *MyDoom* *邮件样本* *(2)*

![](https://www.paloaltonetworks.com/blog/wp-content/uploads/2019/08/图11.jpg)

*图* *11. 2019* *年* *7* *月的一份* *MyDoom* *邮件样本* *(3)*

这些MyDoom邮件的附件都是可执行文件，或者是压缩包中含有可执行文件。MyDoom恶意软件可将Windows 主机感染为恶意软件自动发送机器人，然后将MyDoom邮件发送至不同邮件地址，即使受感染的Windows主机没有邮件客户端，也将发送恶意邮件。此外，MyDoom的另外一个特征，是试图通过TCP接口1042来连接多个不同IP地址。

![](https://www.paloaltonetworks.com/blog/wp-content/uploads/2019/08/图12.jpg)

*图* *12. 2019* *年* *7* *月* *15* *日来自某受* *MyDoom* *感染主机的邮件流量*

![](https://www.paloaltonetworks.com/blog/wp-content/uploads/2019/08/图13.jpg)

*图* *13.* *某个受* *MyDoom* *感染的主机试图通过* *TCP* *端口* *1042* *进行连接*

在某个Windows 7主机，MyDoom自我复制后并放置于路径AppData\\Local\\Temp directory as lsass.exe, 但在Windows注册表中恶意软件是无法持续的。在某个Windows XP主机中，MyDoom可执行文件自我复制并放置于路径C:\\Windows\\lsass.exe下，通过HKEY\_LOCAL\_MACHINE路径下的注册表以及SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run路径下一个名为Traybar的数据仓库工具来实现，如图14所示，

![](https://www.paloaltonetworks.com/blog/wp-content/uploads/2019/08/图14.jpg)

*图* *14* *：* *MyDoom* *在某个* *Window XP* *主机上的持续性*

**结论**

尽管早在2004年便被发现，MyDoom在今天仍然活跃，这足以证明其初始破坏性该有多么强大。多年来，仍有大量的基础设施受到感染，我们在今天的威胁环境中仍能继续看到MyDoom的存在。此外，尽管在恶意邮件当中含有MyDoom病毒的比例相对较小，但这一病毒始终存在。

基于对我们所掌握数据的分析，大多数受到MyDoom感染的基础设施其IP地址大多来自中国，而美国则紧跟其后。尽管MyDoom病毒全球传播并指向多个国家，但中国和美国仍然是两个主要接收MyDoom邮件的国家。高科技产业是其最大攻击目标。

Palo Alto Networks（派拓网络）的Threat Prevention Platform可轻松检测到该恶意软件，从而有效保护客户免受MyDoom影响。同时，AutoFocus用户可借助MyDoom标签来追踪MyDoom意图。

**入侵指标**

MyDoom EXE Samples from July 2019 自2019年7月以来的MyDoom可执行文件样本

1b46afe1779e897e6b9f3714e9276ccb7a4cef6865eb6a4172f0dd1ce1a46b42

48cf912217c1b5ef59063c7bdb93b54b9a91bb6920b63a461f8ac7fcff43e205

50dfd9af6953fd1eba41ee694fe26782ad4c2d2294030af2d48efcbcbfe09e11

6a9c46d96f001a1a3cc47d166d6c0aabc26a5cf25610cef51d2b834526c6b596

9e4c6410ab9eda9a3d3cbf23c58215f3bc8d3e66ad55e40b4e30eb785e191bf8

*** ** * ** ***

## Related Blogs

### [未分类](https://www.paloaltonetworks.com/blog/category/%e6%9c%aa%e5%88%86%e7%b1%bb/?lang=zh-hant&ts=markdown)

[#### AI代理已經來臨，威脅也隨之而來](https://www2.paloaltonetworks.com/blog/2025/05/ai-agents-threats/?lang=zh-hant)

### [未分类](https://www.paloaltonetworks.com/blog/category/%e6%9c%aa%e5%88%86%e7%b1%bb/?lang=zh-hant&ts=markdown)

[#### Strata Copilot - 加速迈向自主网络安全的未来](https://www2.paloaltonetworks.com/blog/network-security/strata-copilot/?lang=zh-hans)

### [未分类](https://www.paloaltonetworks.com/blog/category/%e6%9c%aa%e5%88%86%e7%b1%bb/?lang=zh-hant&ts=markdown)

[#### 防火墙已死？至少本世纪不会！](https://www2.paloaltonetworks.com/blog/2023/08/ngfw-is-not-dead-yet/?lang=zh-hans)

### [未分类](https://www.paloaltonetworks.com/blog/category/%e6%9c%aa%e5%88%86%e7%b1%bb/?lang=zh-hant&ts=markdown)

[#### 面对性命攸关的时刻，如何实现可靠的医疗物联网安全](https://www2.paloaltonetworks.com/blog/2022/12/medical-iot-security-to-depend-on/?lang=zh-hans)

### [未分类](https://www.paloaltonetworks.com/blog/category/%e6%9c%aa%e5%88%86%e7%b1%bb/?lang=zh-hant&ts=markdown)

[#### 利用业界首创的 AIOps for NGFW 革新防火墙运行](https://www2.paloaltonetworks.com/blog/2022/03/industry-first-aiops-for-ngfw/?lang=zh-hans)

### [未分类](https://www.paloaltonetworks.com/blog/category/%e6%9c%aa%e5%88%86%e7%b1%bb/?lang=zh-hant&ts=markdown)

[#### Prisma Access 是保护远程用户安全的领先云服务](https://www2.paloaltonetworks.com/blog/2021/08/prisma-access-leading-cloud-service-secure-remote-users/?lang=zh-hans)

### Subscribe to the Blog!

Sign up to receive must-read articles, Playbooks of the Week, new feature announcements, and more.
![spinner](https://www2.paloaltonetworks.com/blog/wp-content/themes/panwblog2023/dist/images/ajax-loader.gif) Sign up  
Please enter a valid email.  
By submitting this form, you agree to our [Terms of Use](https://www.paloaltonetworks.com/legal-notices/terms-of-use?ts=markdown) and acknowledge our [Privacy Statement](https://www.paloaltonetworks.com/legal-notices/privacy?ts=markdown). Please look for a confirmation email from us. If you don't receive it in the next 10 minutes, please check your spam folder.  
This site is protected by reCAPTCHA and the Google [Privacy Policy](https://policies.google.com/privacy) and [Terms of Service](https://policies.google.com/terms) apply.  
{#footer} {#footer}

## Products and Services

* [AI-Powered Network Security Platform](https://www.paloaltonetworks.com/network-security?ts=markdown)

* [Secure AI by Design](https://www.paloaltonetworks.com/precision-ai-security/secure-ai-by-design?ts=markdown)

* [Prisma AIRS](https://www.paloaltonetworks.com/prisma/prisma-ai-runtime-security?ts=markdown)

* [AI Access Security](https://www.paloaltonetworks.com/sase/ai-access-security?ts=markdown)

* [Cloud Delivered Security Services](https://www.paloaltonetworks.com/network-security/security-subscriptions?ts=markdown)

* [Advanced Threat Prevention](https://www.paloaltonetworks.com/network-security/advanced-threat-prevention?ts=markdown)

* [Advanced URL Filtering](https://www.paloaltonetworks.com/network-security/advanced-url-filtering?ts=markdown)

* [Advanced WildFire](https://www.paloaltonetworks.com/network-security/advanced-wildfire?ts=markdown)

* [Advanced DNS Security](https://www.paloaltonetworks.com/network-security/advanced-dns-security?ts=markdown)

* [Enterprise Data Loss Prevention](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown)

* [Enterprise IoT Security](https://www.paloaltonetworks.com/network-security/enterprise-device-security?ts=markdown)

* [Medical IoT Security](https://www.paloaltonetworks.com/network-security/medical-device-security?ts=markdown)

* [Industrial OT Security](https://www.paloaltonetworks.com/network-security/medical-device-security?ts=markdown)

* [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown)

* [Next-Generation Firewalls](https://www.paloaltonetworks.com/network-security/next-generation-firewall?ts=markdown)

* [Hardware Firewalls](https://www.paloaltonetworks.com/network-security/hardware-firewall-innovations?ts=markdown)

* [Software Firewalls](https://www.paloaltonetworks.com/network-security/software-firewalls?ts=markdown)

* [Strata Cloud Manager](https://www.paloaltonetworks.com/network-security/strata-cloud-manager?ts=markdown)

* [SD-WAN for NGFW](https://www.paloaltonetworks.com/network-security/sd-wan-subscription?ts=markdown)

* [PAN-OS](https://www.paloaltonetworks.com/network-security/pan-os?ts=markdown)

* [Panorama](https://www.paloaltonetworks.com/network-security/panorama?ts=markdown)

* [Secure Access Service Edge](https://www.paloaltonetworks.com/sase?ts=markdown)

* [Prisma SASE](https://www.paloaltonetworks.com/sase?ts=markdown)

* [Application Acceleration](https://www.paloaltonetworks.com/sase/app-acceleration?ts=markdown)

* [Autonomous Digital Experience Management](https://www.paloaltonetworks.com/sase/adem?ts=markdown)

* [Enterprise DLP](https://www.paloaltonetworks.com/sase/enterprise-data-loss-prevention?ts=markdown)

* [Prisma Access](https://www.paloaltonetworks.com/sase/access?ts=markdown)

* [Prisma Browser](https://www.paloaltonetworks.com/sase/prisma-browser?ts=markdown)

* [Prisma SD-WAN](https://www.paloaltonetworks.com/sase/sd-wan?ts=markdown)

* [Remote Browser Isolation](https://www.paloaltonetworks.com/sase/remote-browser-isolation?ts=markdown)

* [SaaS Security](https://www.paloaltonetworks.com/sase/saas-security?ts=markdown)

* [AI-Driven Security Operations Platform](https://www.paloaltonetworks.com/cortex?ts=markdown)

* [Cloud Security](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown)

* [Cortex Cloud](https://www.paloaltonetworks.com/cortex/cloud?ts=markdown)

* [Application Security](https://www.paloaltonetworks.com/cortex/cloud/application-security?ts=markdown)

* [Cloud Posture Security](https://www.paloaltonetworks.com/cortex/cloud/cloud-posture-security?ts=markdown)

* [Cloud Runtime Security](https://www.paloaltonetworks.com/cortex/cloud/runtime-security?ts=markdown)

* [Prisma Cloud](https://www.paloaltonetworks.com/prisma/cloud?ts=markdown)

* [AI-Driven SOC](https://www.paloaltonetworks.com/cortex?ts=markdown)

* [Cortex XSIAM](https://www.paloaltonetworks.com/cortex/cortex-xsiam?ts=markdown)

* [Cortex XDR](https://www.paloaltonetworks.com/cortex/cortex-xdr?ts=markdown)

* [Cortex XSOAR](https://www.paloaltonetworks.com/cortex/cortex-xsoar?ts=markdown)

* [Cortex Xpanse](https://www.paloaltonetworks.com/cortex/cortex-xpanse?ts=markdown)

* [Unit 42 Managed Detection \& Response](https://www.paloaltonetworks.com/cortex/managed-detection-and-response?ts=markdown)

* [Managed XSIAM](https://www.paloaltonetworks.com/cortex/managed-xsiam?ts=markdown)

* [Threat Intel and Incident Response Services](https://www.paloaltonetworks.com/unit42?ts=markdown)

* [Proactive Assessments](https://www.paloaltonetworks.com/unit42/assess?ts=markdown)

* [Incident Response](https://www.paloaltonetworks.com/unit42/respond?ts=markdown)

* [Transform Your Security Strategy](https://www.paloaltonetworks.com/unit42/transform?ts=markdown)

* [Discover Threat Intelligence](https://www.paloaltonetworks.com/unit42/threat-intelligence-partners?ts=markdown)

## Company

* [About Us](https://www.paloaltonetworks.com/about-us?ts=markdown)
* [Careers](https://jobs.paloaltonetworks.com/en/)
* [Contact Us](https://www.paloaltonetworks.com/company/contact-sales?ts=markdown)
* [Corporate Responsibility](https://www.paloaltonetworks.com/about-us/corporate-responsibility?ts=markdown)
* [Customers](https://www.paloaltonetworks.com/customers?ts=markdown)
* [Investor Relations](https://investors.paloaltonetworks.com/)
* [Location](https://www.paloaltonetworks.com/about-us/locations?ts=markdown)
* [Newsroom](https://www.paloaltonetworks.com/company/newsroom?ts=markdown)

## Popular Links

* [Blog](https://www.paloaltonetworks.com/blog/?ts=markdown)
* [Communities](https://www.paloaltonetworks.com/communities?ts=markdown)
* [Content Library](https://www.paloaltonetworks.com/resources?ts=markdown)
* [Cyberpedia](https://www.paloaltonetworks.com/cyberpedia?ts=markdown)
* [Event Center](https://events.paloaltonetworks.com/)
* [Manage Email Preferences](https://start.paloaltonetworks.com/preference-center)
* [Products A-Z](https://www.paloaltonetworks.com/products/products-a-z?ts=markdown)
* [Product Certifications](https://www.paloaltonetworks.com/legal-notices/trust-center/compliance?ts=markdown)
* [Report a Vulnerability](https://www.paloaltonetworks.com/security-disclosure?ts=markdown)
* [Sitemap](https://www.paloaltonetworks.com/sitemap?ts=markdown)
* [Tech Docs](https://docs.paloaltonetworks.com/)
* [Unit 42](https://unit42.paloaltonetworks.com/)
* [Do Not Sell or Share My Personal Information](https://panwedd.exterro.net/portal/dsar.htm?target=panwedd)
  ![PAN logo](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/pan-logo-dark.svg)
* [Privacy](https://www.paloaltonetworks.com/legal-notices/privacy?ts=markdown)
* [Trust Center](https://www.paloaltonetworks.com/legal-notices/trust-center?ts=markdown)
* [Terms of Use](https://www.paloaltonetworks.com/legal-notices/terms-of-use?ts=markdown)
* [Documents](https://www.paloaltonetworks.com/legal?ts=markdown)

Copyright © 2026 Palo Alto Networks. All Rights Reserved

* [![Youtube](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/youtube-black.svg)](https://www.youtube.com/user/paloaltonetworks)
* [![Podcast](https://www.paloaltonetworks.com/content/dam/pan/en_US/images/icons/podcast.svg)](https://www.paloaltonetworks.com/podcasts/threat-vector?ts=markdown)
* [![Facebook](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/facebook-black.svg)](https://www.facebook.com/PaloAltoNetworks/)
* [![LinkedIn](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/linkedin-black.svg)](https://www.linkedin.com/company/palo-alto-networks)
* [![Twitter](https://www.paloaltonetworks.com/etc/clientlibs/clean/imgs/social/twitter-x-black.svg)](https://twitter.com/PaloAltoNtwks)
* EN  
  Select your language