alert dns $HOME_NET any -> any any (msg:"ET TROJAN Injected WP Keylogger/Coinminer Domain Detected (cloudflare .solutions in DNS Lookup)"; dns_query; content:"cloudflare.solutions"; isdataat:!1,relative; metadata: former_category TROJAN; reference:url,blog.sucuri.net/2017/12/cloudflare-solutions-keylogger-on-thousands-of-infected-wordpress-sites.html; classtype:trojan-activity; sid:2025141; rev:2; metadata:affected_product Apache_HTTP_server, attack_target Web_Server, deployment Datacenter, signature_severity Major, created_at 2017_12_07, malware_family CoinMiner?, performance_impact Moderate, updated_at 2017_12_07;)

Added 2017-12-07 16:36:02 UTC


Topic revision: r1 - 2017-12-07 - TWikiGuest
 
This site is powered by the TWiki collaboration platform Powered by Perl This site is powered by the TWiki collaboration platformCopyright © Emerging Threats