diff --git a/checkforbug.yara b/checkforbug.yara
new file mode 100644
index 0000000000000000000000000000000000000000..83d42168c1a89b08470b9f306c6c18620b6bfeab
--- /dev/null
+++ b/checkforbug.yara
@@ -0,0 +1,14 @@
+rule Detect_Record_Too_Short_For_MAC
+{
+    meta:
+        author = "Your Name"
+        description = "Detects the presence of the string 'Record too short for MAC:'"
+        date = "2025-01-12"
+        version = "1.0"
+
+    strings:
+        $string1 = "Record too short for MAC:" nocase
+
+    condition:
+        $string1
+}