################################################################
# abuse.ch Feodo Tracker Suricata / Snort Ruleset              #
# Last updated: 2024-05-27 20:05:51 UTC                        #
#                                                              #
# Terms Of Use: https://feodotracker.abuse.ch/blocklist/       #
# For questions please contact feodotracker [at] abuse.ch      #
################################################################
#
alert tcp $HOME_NET any -> [192.9.135.73] 1194 (msg:"Feodo Tracker: potential Pikabot CnC Traffic detected"; threshold: type limit, track by_src, seconds 60, count 1; classtype:trojan-activity; reference:url, feodotracker.abuse.ch/browse/host/192.9.135.73/; sid:900512344; rev:1;)
# END 1 entries