ET COINMINER W32/BitCoinMiner Fake Flash Player Distribution Campaign - December 2013
Sourceet/open
Fileemerging-coinminer.rules
CreatedDecember 17, 2013
UpdatedMarch 18, 2024
Classificationcoin-mining
alert http $HOME_NET any -> $EXTERNAL_NET any (msg:"ET COINMINER W32/BitCoinMiner Fake Flash Player Distribution Campaign - December 2013"; flow:established,to_server ; http.uri; content:"/blam/flashplayerv"; nocase; reference:url,blog.malwarebytes.org/fraud-scam/2013/12/fake-flash-player-wants-to-go-mining/ ; reference:url,esearch.zscaler.com/2013/12/bitcoin-mining-operation-seen-across.html ; classtype:coin-mining; sid:2017874; rev:3; metadata:attack_target Client_Endpoint, created_at 2013_12_17, deployment Perimeter, confidence High, signature_severity Major, tag Coinminer, updated_at 2024_03_18, mitre_tactic_id TA0040, mitre_tactic_name Impact, mitre_technique_id T1496, mitre_technique_name Resource_Hijacking;)
References
Metadata
Comments (0)
Please sign in to leave a comment.
Sign inNo comments yet. Be the first to comment!