SSLBL: Malicious SSL certificate detected (ACRStealer C&C)

SID: 903209606Rev: 10 views
Sourcesslbl/ssl-fp-blacklist
CreatedApril 30, 2026
UpdatedApril 30, 2026
alert tls $EXTERNAL_NET any -> $HOME_NET any (msg:"SSLBL: Malicious SSL certificate detected (ACRStealer C&C)"; tls_cert_fingerprint; content:"de:f4:5d:95:41:61:dc:6b:f4:20:13:1f:90:0b:d7:cd:9f:d6:88:c1"; reference:url, sslbl.abuse.ch/ssl-certificates/sha1/def45d954161dc6bf420131f900bd7cd9fd688c1/; sid:903209606; rev:1;)

References

urlsslbl.abuse.ch/ssl-certificates/sha1/def45d954161dc6bf420131f900bd7cd9fd688c1/

Comments (0)

Please sign in to leave a comment.
Sign in

No comments yet. Be the first to comment!