SSLBL: Malicious SSL certificate detected (ACRStealer C&C)
Sourceabuse.ch/sslbl-blacklist
Filesslblacklist_tls_cert.rules
CreatedJuly 11, 2026
UpdatedJuly 11, 2026
alert tls $EXTERNAL_NET any -> $HOME_NET any (msg:"SSLBL: Malicious SSL certificate detected (ACRStealer C&C)" ; tls_cert_fingerprint; content:"a1:33:ce:08:8d:9e:ad:15:85:5e:13:43:b8:e6:43:73:6d:47:d7:d9" ; reference:url, sslbl.abuse.ch/ssl-certificates/sha1/a133ce088d9ead15855e1343b8e643736d47d7d9/ ; sid:903210124; rev:1;)
Comments (0)
Please sign in to leave a comment.
Sign inNo comments yet. Be the first to comment!