SSLBL: Malicious SSL certificate detected (Vidar C&C)

SID: 903208718Rev: 10 views
Sourcesslbl/ssl-fp-blacklist
CreatedJanuary 9, 2026
UpdatedJanuary 9, 2026
alert tls $EXTERNAL_NET any -> $HOME_NET any (msg:"SSLBL: Malicious SSL certificate detected (Vidar C&C)"; tls_cert_fingerprint; content:"1c:3e:dc:02:04:ea:78:9e:ef:91:aa:7e:fa:0d:fe:33:b0:2b:f7:ef"; reference:url, sslbl.abuse.ch/ssl-certificates/sha1/1c3edc0204ea789eef91aa7efa0dfe33b02bf7ef/; sid:903208718; rev:1;)

References

urlsslbl.abuse.ch/ssl-certificates/sha1/1c3edc0204ea789eef91aa7efa0dfe33b02bf7ef/

Comments (0)

Please sign in to leave a comment.
Sign in

No comments yet. Be the first to comment!