E-criminals are increasingly using digitally signed malware to try to circumvent computer-security measures, according to security company McAfee.
The number of unique malicious binaries that use digital signatures to try to trick users, admins, and security software into trusting and running malware jumped from almost zero at the beginning of January 2012 to more than 200,000 samples at the end of March, McAfee researcher Craig Schmugar said in a blog post on Friday.
Read this
Ten computer viruses that changed the world
“Much of this malware is signed with stolen certificates, while other binaries are self-signed, or ‘test signed’,” said Schmugar. “Test signing is sometimes used as part of a social engineering attack.”
Test-signing is particularly useful on Microsoft’s 64-bit Windows operating system, which automatically disables unsigned drivers, said Schmugar. Test-signing lets developers circumvent driver-signing, but can also be used by e-criminals, said McAfee.
Digital certificate compromises of companies including DigiNotar and Comodo last year raised the profile of certificate hacks. Malware such as Stuxnet and Duqu, which targeted industrial systems, were digitally signed.
View full post on National Cyber Security » Virus/Malware/Worms