dslreports logo
site
 
    All Forums Hot Topics Gallery
spc

spacer




how-to block ads


Search Topic:
uniqs
744
share rss forum feed


chachazz
Premium
join:2003-12-14
kudos:9
Reviews:
·TELUS

2 recommendations

Malwarebytes uncovers digital certificate-spoofing Trojan

quote:
Security vendor Malwarebytes has uncovered a banking Trojan capable of bypassing traditional security by spoofing legitimate digital certificates.

The certificate used by the malware is usually legitimate but it's now being sent out by a fake-company set up to get hold of the certificates from Digicert.

The certificate allows the hacker to sneak a malicious PDF file infected with the Trojan past most computer security systems. Malwarebytes said that the malware had already targeted a slew of high-profile firms.

"The malware is a banking/password stealer using email to spread. It appears to be a PDF invoice with a valid certificate issued to a real Brazilian software company which was issued by SSL certificate authority DigiCert," senior security researcher at Malwarebytes Jerome Segura told V3.
....reported by V3.co.UK


jaykaykay
4 Ever Young
Premium,MVM
join:2000-04-13
USA
kudos:24
Reviews:
·Cox HSI
·Speakeasy

»www.v3.co.uk/v3-uk/news/2241517/···-attacks, the link included in the article, is also most interesting. And disquieting.



chachazz
Premium
join:2003-12-14
kudos:9
Reviews:
·TELUS

quote:
The certificates were issues to a company called "Buster Paper Comercial Ltda" which apparently only existed on paper. The company was used to request a certificate from CA Digicert.

Digicert told CIO Magazine that it did issue the certificate because at the time "Buster Paper Comercial Ltda was a legally registered business as confirmed through the Brazilian Ministerio da Fazenda: Cadastro Sincronizado Nacional." The certificate has since been revoked.
Story @ The H Security


siljaline
I'm lovin' that double wide
Premium
join:2002-10-12
Montreal, QC
kudos:17
reply to chachazz

Also cited at MBAM Blog:
»blog.malwarebytes.org/intelligen···ous-mix/