SSLBL: Malicious SSL certificate detected (ACRStealer C&C)

SID: 903209037Rev: 10 views
Sourcesslbl/ssl-fp-blacklist
CreatedFebruary 25, 2026
UpdatedFebruary 25, 2026
alert tls $EXTERNAL_NET any -> $HOME_NET any (msg:"SSLBL: Malicious SSL certificate detected (ACRStealer C&C)"; tls_cert_fingerprint; content:"65:43:b2:39:d6:af:c8:dd:a8:42:42:0d:ae:98:d6:ea:19:9e:ca:95"; reference:url, sslbl.abuse.ch/ssl-certificates/sha1/6543b239d6afc8dda842420dae98d6ea199eca95/; sid:903209037; rev:1;)

References

urlsslbl.abuse.ch/ssl-certificates/sha1/6543b239d6afc8dda842420dae98d6ea199eca95/

Comments (0)

Please sign in to leave a comment.
Sign in

No comments yet. Be the first to comment!