ET EXPLOIT_KIT Phoenix Exploit Kit Facebook phishing page payload could be ZeuS

SID: 2011121Rev: 70 views
History
Sourceet/open
CreatedJuly 30, 2010
UpdatedApril 21, 2020
Classificationexploit-kit
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"ET EXPLOIT_KIT Phoenix Exploit Kit Facebook phishing page payload could be ZeuS"; flow:established,to_server; http.method; content:"GET"; nocase; http.uri; content:"/LoginFacebook.php"; endswith; pcre:"/\/[a-z]{2}[0-9]{3}[a-z]{2}\/LoginFacebook\.php$/"; reference:url,malwareint.blogspot.com/2010/03/new-phishing-campaign-against-facebook.html; classtype:exploit-kit; sid:2011121; rev:7; metadata:attack_target Client_Endpoint, created_at 2010_07_30, deployment Perimeter, signature_severity Major, tag Phishing, updated_at 2020_04_21;)

References

urlmalwareint.blogspot.com/2010/03/new-phishing-campaign-against-facebook.html

Metadata

attack targetClient_Endpoint
created at2010_07_30
deploymentPerimeter
signature severityMajor
tagPhishing
updated at2020_04_21

Comments (0)

Please sign in to leave a comment.
Sign in

No comments yet. Be the first to comment!