[Snort-sigs] Feodo Botnet

Arbeiter, Stefan (K-SIS-O/1) stefan.arbeiter at ...3878...
Fri Jan 24 08:34:38 EST 2014


Hi all,

malwaremustdie has additional details:

http[://]malwaremustdie.blogspot[.]de/2013/01/cridex-fareit-infection-analysis.html?spref=tw&m=1

including this User-Agent

Mozilla/5.0 (Windows; U; MSIE 7.0; Windows NT 6.0; en-US

No FP so far.

From: James Lay [mailto:jlay at ...3266...]
Sent: Friday, 24 January 2014 12:59
To: snort-sigs at lists.sourceforge.net
Subject: Re: [Snort-sigs] Feodo Botnet

On Fri, 2014-01-24 at 11:36 +0100, Lukas Matt wrote:



Hi guys,



our sources are reporting heavy spam loads created by the Feodo Botnet.

A quick search on the rules produced no result.



Those guys (https://feodotracker.abuse.ch/blocklist.php?download=snort) already wrote some IPS rules.



Will there be an update in the future?



Regards,

Lukas



Nice work..thank you.

James