ET ADWARE_PUP LNKR landing page (possible compromised site) M4

SID: 2027428Rev: 40 views
History
Sourceet/open
CreatedJune 3, 2019
UpdatedAugust 31, 2020
Classificationpup-activity
alert http $EXTERNAL_NET any -> $HOME_NET any (msg:"ET ADWARE_PUP LNKR landing page (possible compromised site) M4"; flow:established,from_server; http.stat_code; content:"200"; http.response_body; content:"/optout/set/lat?jsonp="; fast_pattern; content:"key="; distance:16; within:27; content:"cv="; distance:18; within:27; content:"t="; distance:0; reference:url,securitytrails.com/blog/lnkr-malicious-browser-extension; classtype:pup-activity; sid:2027428; rev:4; metadata:affected_product Web_Browsers, attack_target Client_Endpoint, created_at 2019_06_03, deployment Perimeter, performance_impact Low, confidence High, signature_severity Minor, updated_at 2020_08_31;)

References

urlsecuritytrails.com/blog/lnkr-malicious-browser-extension

Metadata

affected productWeb_Browsers
attack targetClient_Endpoint
created at2019_06_03
deploymentPerimeter
performance impactLow
confidenceHigh
signature severityMinor
updated at2020_08_31

Comments (0)

Please sign in to leave a comment.
Sign in

No comments yet. Be the first to comment!