#alert tls $EXTERNAL_NET any -> $HOME_NET any (msg:"ET TROJAN OSX.Pwnet.A Certificate Observed"; flow:established,from_server; content:"|55 04 03|"; content:"|08|vlone.cc"; distance:1; within:9; reference:url,sentinelone.com/blog/osx-pwnet-a-csgo-hack-and-sneaky-miner/; classtype:trojan-activity; sid:2024613; rev:1; metadata:created_at 2017_08_23, updated_at 2017_08_23;)

Added 2020-12-03 17:51:04 UTC


alert tls $EXTERNAL_NET any -> $HOME_NET any (msg:"ET TROJAN OSX.Pwnet.A Certificate Observed"; flow:established,from_server; content:"|55 04 03|"; content:"|08|vlone.cc"; distance:1; within:9; reference:url,sentinelone.com/blog/osx-pwnet-a-csgo-hack-and-sneaky-miner/; classtype:trojan-activity; sid:2024613; rev:1; metadata:created_at 2017_08_23, updated_at 2017_08_23;)

Added 2018-09-13 19:54:00 UTC


Added 2018-09-13 18:01:42 UTC


alert tls $EXTERNAL_NET any -> $HOME_NET any (msg:"ET TROJAN OSX.Pwnet.A Certificate Observed"; flow:established,from_server; content:"|55 04 03|"; content:"|08|vlone.cc"; distance:1; within:9; reference:url,sentinelone.com/blog/osx-pwnet-a-csgo-hack-and-sneaky-miner/; classtype:trojan-activity; sid:2024613; rev:1; metadata:created_at 2017_08_23, updated_at 2017_08_23;)

Added 2017-08-23 20:21:03 UTC


Topic revision: r1 - 2020-12-03 - TWikiGuest
 
This site is powered by the TWiki collaboration platform Powered by Perl This site is powered by the TWiki collaboration platformCopyright © Emerging Threats