gwillem
commented
6 years ago Thanks! Have added a burner domain (with about 1K occurrences). The rest was already covered or not found in the wild (anymore).
Closed jonashrem closed 6 years ago
gwillem
commented
6 years ago Thanks! Have added a burner domain (with about 1K occurrences). The rest was already covered or not found in the wild (anymore).
As far as I see, those are not included yet.
See here https://www.flashpoint-intel.com/blog/compromised-magento-sites-delivering-malware/ and https://www.flashpoint-intel.com/wp-content/uploads/2018/04/rarog_yara_rule.txt
for details.
I'm not sure about the best way to convert this to regex here, so I didn't create a pull request.