# Copyright (c) 2014-2026 Maltrail developers (https://github.com/stamparm/maltrail/)
# See the file 'LICENSE' for copying permission

# Aliases: cve-2026-21643, ekz stealer

# Reference: https://x.com/DmitriyMelikov/status/2059728126779748688
# Reference: https://nvd.nist.gov/vuln/detail/CVE-2026-21643
# Reference: https://arcticwolf.com/resources/blog/forticlient-ems-exploited-via-cve-2026-35616-to-deliver-ekz-infostealer-disguised-as-a-fortinet-patch/
# Reference: https://github.com/rtkwlf/wolf-tools/blob/main/threat-intelligence/unattributed-fake-forticlient-update-cve-2026-35616/ekz-ioc-network.csv

http://83.138.53.110
