Versions (3)
Version DetailsCurrent
Rev: 1 • Jun 25, 2025, 11:40 AMSSLBL: Malicious SSL certificate detected (LummaStealer C&C)
alert tls $EXTERNAL_NET any -> $HOME_NET any (msg:"SSLBL: Malicious SSL certificate detected (LummaStealer C&C)"; tls_cert_fingerprint; content:"ed:7a:a6:6c:0e:bc:7a:71:46:e7:b7:7b:1b:e0:df:5b:a8:46:b6:28"; reference:url, sslbl.abuse.ch/ssl-certificates/sha1/ed7aa66c0ebc7a7146e7b77b1be0df5ba846b628/; sid:903207146; rev:1;)
Jun 25, 2025, 11:40 AM
Jun 25, 2025, 11:40 AM
Jul 17, 2025, 2:34 PM
Jul 17, 2025, 2:34 PM
sslblacklist_tls_cert.rules