Malware and other types of viruses have started to rely on stolen digital certificates

Image via MicrosoftIt seems that soon we will need to spend much more time for making a decision whether a program is legitimate or malicious. That’s because scammers have started to release more and more malware, which is signed with legitimate digital certificates. Experts highlight that these certificates are perfect for advanced attacks and can easily help scammers to infect even the most-secure machines.

Prior to these days, scammers have been trying to gain the access to digital certificates using quite primitive ways: they have simply been connecting to certificate authorities (CA’s) and presenting themselves as trusted entities. Luckily to them, they have managed to trick a couple of CAs without notifying these people that these certificates will be used for malicious purposes. However, it can be expected that soon these trickeries will be forgotten because they have started to steal valid digital certificates from software developers. According to the latest data, more than 12 of companies have already been injured by bad guys. Microsoft warns that this is just a beginning – attackers keep stealing new certificates at enormous speed.

Once a legitimate certificate is stolen, scammer uses it to sign malware code and gets ability to fool security defenses. The mostly known rogue anti-spyware, which is designed in such way, is Antivirus Security Pro.  It belongs to WinWebSec family of rogues. We wrote about it in 5th of December, 2013.  However, it seems that Sirefef family of malwares is also using the same scheme – the image on your left explains how scammers download signed copies of virus to people’s computers.

Please, be sure that your anti-virus and anti-spyware programs are updated to their latest versions. In addition, stay away from illegal websites and stop using illegal software.

 







Your opinion regarding Malware and other types of viruses have started to rely on stolen digital certificates

Spreading the knowledge:

It is very hard to fight Computer parasites alone in internet space. If you have a website we would be more than happy if you would help us to spread the knowledge about latest threats. You can help your visitors to manage their Computer system manually without aditional expences. Knowledge is the power, we just need to spread it.
add text box
rss feed
help other
Like us on Facebook
Latest spyware news:
Subscribe to spyware news
Please enter your e-mail address:
If you do not want to receive our spyware
newsletter, please unsubscribe here.
Ask us
Encyclopedia of parasites:
Library of files:
Tags:
Your main spyware remover is:
Spyware Doctor
Windows Defender
Spy Sweeper
AVG Anti-Spyware
SUPERAntiSpyware
Spybot - S&D
SpyHunter
Other program
I have two or more programs
I don't need no anti-spyware