SSLBL: Malicious SSL certificate detected (Vidar C&C)

SID: 903209258Rev: 10 views

Sourcesslbl/ssl-fp-blacklist

CreatedMarch 18, 2026

UpdatedMarch 18, 2026

alert tls $EXTERNAL_NET any -> $HOME_NET any (msg:"SSLBL: Malicious SSL certificate detected (Vidar C&C)"; tls_cert_fingerprint; content:"73:2b:26:1f:d7:b2:ab:71:ea:b0:aa:33:52:b8:67:72:80:33:dd:0f"; reference:url, sslbl.abuse.ch/ssl-certificates/sha1/732b261fd7b2ab71eab0aa3352b867728033dd0f/; sid:903209258; rev:1;)

References

url	sslbl.abuse.ch/ssl-certificates/sha1/732b261fd7b2ab71eab0aa3352b867728033dd0f/

Comments (0)

Please sign in to leave a comment.

No comments yet. Be the first to comment!