SSLBL: Malicious SSL certificate detected (Vidar C&C)
Sourceabuse.ch/sslbl-blacklist
Filesslblacklist_tls_cert.rules
CreatedFebruary 12, 2026
UpdatedFebruary 12, 2026
alert tls $EXTERNAL_NET any -> $HOME_NET any (msg:"SSLBL: Malicious SSL certificate detected (Vidar C&C)" ; tls_cert_fingerprint; content:"84:01:fe:c5:2d:fa:2c:d6:63:12:5a:35:fe:11:30:cd:ea:51:a1:01" ; reference:url, sslbl.abuse.ch/ssl-certificates/sha1/8401fec52dfa2cd663125a35fe1130cdea51a101/ ; sid:903208913; rev:1;)
Comments (0)
Please sign in to leave a comment.
Sign inNo comments yet. Be the first to comment!