SSLBL: Malicious SSL certificate detected (ACRStealer C&C)

SID: 903209193Rev: 10 views
Sourcesslbl/ssl-fp-blacklist
CreatedMarch 11, 2026
UpdatedMarch 11, 2026
alert tls $EXTERNAL_NET any -> $HOME_NET any (msg:"SSLBL: Malicious SSL certificate detected (ACRStealer C&C)"; tls_cert_fingerprint; content:"9b:79:67:6e:f4:75:46:3b:00:85:b4:fd:aa:56:30:34:8f:e0:ff:af"; reference:url, sslbl.abuse.ch/ssl-certificates/sha1/9b79676ef475463b0085b4fdaa5630348fe0ffaf/; sid:903209193; rev:1;)

References

urlsslbl.abuse.ch/ssl-certificates/sha1/9b79676ef475463b0085b4fdaa5630348fe0ffaf/

Comments (0)

Please sign in to leave a comment.
Sign in

No comments yet. Be the first to comment!