ET MOBILE_MALWARE iOS/AppBuyer Checkin 1

SID: 2019174Rev: 40 views
History
Sourceet/open
CreatedSeptember 15, 2014
UpdatedSeptember 25, 2020
Classificationtrojan-activity
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"ET MOBILE_MALWARE iOS/AppBuyer Checkin 1"; flow:established,to_server; http.uri; content:"/updatesrv.aspx?f=1"; fast_pattern; reference:md5,1c32f9f05234cac7dd7a83e3925a3105; reference:url,researchcenter.paloaltonetworks.com/2014/09/appbuyer-new-ios-malware-steals-apple-id-password-buy-apps/; classtype:trojan-activity; sid:2019174; rev:4; metadata:attack_target Mobile_Client, created_at 2014_09_15, signature_severity Major, updated_at 2020_09_25, mitre_tactic_id TA0010, mitre_tactic_name Exfiltration, mitre_technique_id T1041, mitre_technique_name Exfiltration_Over_C2_Channel;)

References

md5
1c32f9f05234cac7dd7a83e3925a3105
Google SearchBrave Search
urlresearchcenter.paloaltonetworks.com/2014/09/appbuyer-new-ios-malware-steals-apple-id-password-buy-apps/

Metadata

attack targetMobile_Client
created at2014_09_15
signature severityMajor
updated at2020_09_25
mitre tactic idTA0010
mitre tactic nameExfiltration
mitre technique idT1041
mitre technique nameExfiltration_Over_C2_Channel

Comments (0)

Please sign in to leave a comment.
Sign in

No comments yet. Be the first to comment!