[Snort-sigs] Bleedingsnort.com Daily Update

bleeding at ...2727... bleeding at ...2727...
Mon Apr 18 18:02:01 EDT 2005


[***] Results from Oinkmaster started Mon Apr 18 20:00:04 2005 [***]

[+++]          Added rules:          [+++]

 2001851 - BLEEDING-EDGE MALWARE Thinking Media Spyware User Agent (bleeding-malware.rules)
 2001852 - BLEEDING-EDGE MALWARE 404Search Spyware User Agent (bleeding-malware.rules)
 2001853 - BLEEDING-EDGE MALWARE Easy Search Bar Spyware User Agent (bleeding-malware.rules)
 2001854 - BLEEDING-EDGE MALWARE EZULA Spyware User Agent (bleeding-malware.rules)
 2001855 - BLEEDING-EDGE MALWARE Fun Web Products Spyware User Agent (bleeding-malware.rules)
 2001856 - BLEEDING-EDGE MALWARE Fun Web Products Spyware User Agent (bleeding-malware.rules)
 2001857 - BLEEDING-EDGE MALWARE Enhance My Search Spyware User Agent (bleeding-malware.rules)
 2001858 - BLEEDING-EDGE MALWARE Hotbar Spyware User Agent (bleeding-malware.rules)
 2001859 - BLEEDING-EDGE MALWARE Cool Web Search Spyware User Agent (bleeding-malware.rules)
 2001860 - BLEEDING-EDGE MALWARE Kontiki Spyware User Agent (bleeding-malware.rules)
 2001861 - BLEEDING-EDGE MALWARE Micro-Gaming Spyware User Agent (bleeding-malware.rules)
 2001862 - BLEEDING-EDGE MALWARE Surf Assistant Spyware User Agent (bleeding-malware.rules)
 2001863 - BLEEDING-EDGE MALWARE Fun Web Products Spyware User Agent (bleeding-malware.rules)
 2001864 - BLEEDING-EDGE MALWARE Fun Web Products Spyware User Agent (bleeding-malware.rules)
 2001865 - BLEEDING-EDGE MALWARE Fun Web Products Spyware User Agent (bleeding-malware.rules)
 2001866 - BLEEDING-EDGE MALWARE Smartpops/Mediaload Spyware User Agent (bleeding-malware.rules)
 2001867 - BLEEDING-EDGE MALWARE Search Engine 2000 Spyware User Agent (bleeding-malware.rules)
 2001868 - BLEEDING-EDGE MALWARE SureSeeker Spyware User Agent (bleeding-malware.rules)
 2001869 - BLEEDING-EDGE MALWARE Sidesearch Spyware User Agent (bleeding-malware.rules)
 2001870 - BLEEDING-EDGE MALWARE Surfplayer Spyware User Agent (bleeding-malware.rules)
 2001871 - BLEEDING-EDGE MALWARE Target Saver Spyware User Agent (bleeding-malware.rules)
 2001872 - BLEEDING-EDGE MALWARE Visicom Spyware User Agent (bleeding-malware.rules)


[///]     Modified active rules:     [///]

 2001487 - BLEEDING-EDGE Malware Tibsystems Spyware Activity (bleeding-malware.rules)
 2001703 - BLEEDING-EDGE Malware Context Plus Spyware Activity (bleeding-malware.rules)
 2001706 - BLEEDING-EDGE Malware Context Plus Spyware Activity (bleeding-malware.rules)


[+++]      Added non-rule lines:     [+++]

     -> Added to bleeding-malware.rules (4):
        # These are user agent string from the user agents project:
        #  http://www.bleedingsnort.com/article.php?story=20050303190103553
        #  These will hit on traffic generated by spyware agents and installers
        # The user agent sigs from all types of spyware are consolidated here

     -> Added to bleeding-sid-msg.map (22):
        2001851 || BLEEDING-EDGE MALWARE Thinking Media Spyware User Agent || url,www.bleedingsnort.com/article.php?story=20050303190103553
        2001852 || BLEEDING-EDGE MALWARE 404Search Spyware User Agent || url,www.bleedingsnort.com/article.php?story=20050303190103553
        2001853 || BLEEDING-EDGE MALWARE Easy Search Bar Spyware User Agent || url,www.bleedingsnort.com/article.php?story=20050303190103553
        2001854 || BLEEDING-EDGE MALWARE EZULA Spyware User Agent || url,www.bleedingsnort.com/article.php?story=20050303190103553
        2001855 || BLEEDING-EDGE MALWARE Fun Web Products Spyware User Agent || url,www.bleedingsnort.com/article.php?story=20050303190103553
        2001856 || BLEEDING-EDGE MALWARE Fun Web Products Spyware User Agent || url,www.bleedingsnort.com/article.php?story=20050303190103553
        2001857 || BLEEDING-EDGE MALWARE Enhance My Search Spyware User Agent || url,www.bleedingsnort.com/article.php?story=20050303190103553
        2001858 || BLEEDING-EDGE MALWARE Hotbar Spyware User Agent || url,www.bleedingsnort.com/article.php?story=20050303190103553
        2001859 || BLEEDING-EDGE MALWARE Cool Web Search Spyware User Agent || url,www.bleedingsnort.com/article.php?story=20050303190103553
        2001860 || BLEEDING-EDGE MALWARE Kontiki Spyware User Agent || url,www.bleedingsnort.com/article.php?story=20050303190103553
        2001861 || BLEEDING-EDGE MALWARE Micro-Gaming Spyware User Agent || url,www.bleedingsnort.com/article.php?story=20050303190103553
        2001862 || BLEEDING-EDGE MALWARE Surf Assistant Spyware User Agent || url,www.bleedingsnort.com/article.php?story=20050303190103553
        2001863 || BLEEDING-EDGE MALWARE Fun Web Products Spyware User Agent || url,www.bleedingsnort.com/article.php?story=20050303190103553
        2001864 || BLEEDING-EDGE MALWARE Fun Web Products Spyware User Agent || url,www.bleedingsnort.com/article.php?story=20050303190103553
        2001865 || BLEEDING-EDGE MALWARE Fun Web Products Spyware User Agent || url,www.bleedingsnort.com/article.php?story=20050303190103553
        2001866 || BLEEDING-EDGE MALWARE Smartpops/Mediaload Spyware User Agent || url,www.bleedingsnort.com/article.php?story=20050303190103553
        2001867 || BLEEDING-EDGE MALWARE Search Engine 2000 Spyware User Agent || url,www.bleedingsnort.com/article.php?story=20050303190103553
        2001868 || BLEEDING-EDGE MALWARE SureSeeker Spyware User Agent || url,www.bleedingsnort.com/article.php?story=20050303190103553
        2001869 || BLEEDING-EDGE MALWARE Sidesearch Spyware User Agent || url,www.bleedingsnort.com/article.php?story=20050303190103553
        2001870 || BLEEDING-EDGE MALWARE Surfplayer Spyware User Agent || url,www.bleedingsnort.com/article.php?story=20050303190103553
        2001871 || BLEEDING-EDGE MALWARE Target Saver Spyware User Agent || url,www.bleedingsnort.com/article.php?story=20050303190103553
        2001872 || BLEEDING-EDGE MALWARE Visicom Spyware User Agent || url,www.bleedingsnort.com/article.php?story=20050303190103553





More information about the Snort-sigs mailing list