Ambitious malware variant signed with fake digital signature
Posted on 21.02.2011
New Zeus variants and spam campaigns that try to spread them far and wide are almost a daily occurrence, but once in a while some get more attention by security researchers than others.

This latest one has been singled out by Avira's researcher simply because the malware variant has been signed with a digital certificate issued to the company - or so it may seem at first glance.

Upon closer inspection, one can notice that something is wrong:


"Microsoft Windows shows a note 'A certificate chain processed, but terminated in a root certificate which is not trusted by the trust provider'," points out the researcher. "Donít misunderstand that message Ė it means that this certificate is not created by Avira GmbH and therefore itís not a stolen certificate."

This is not the first time that a Zeus variant has been discovered hiding behind a seemingly legitimate digital certificate - last time, Zeus peddlers used the digital signature for a Kaspersky tool designed to clean computers from precisely that Trojan family.






Spotlight

USBdriveby: Compromising computers with a $20 microcontroller

Posted on 19 December 2014.  |  Security researcher Samy Kamkar has devised a fast and easy way to compromise an unlocked computer and open a backdoor on it: a simple and cheap ($20) pre-programmed Teensy microcontroller.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  
DON'T
MISS

Fri, Dec 19th
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //