Interesting People mailing list archives
Stuxnet-style code signing is more widespread than anyone thought
From: "DAVID FARBER" <dfarber () me com>
Date: Sat, 04 Nov 2017 13:20:17 -0400
Begin forwarded message:
From: Lauren Weinstein <lauren () vortex com> Date: November 4, 2017 at 12:53:41 PM EDT To: nnsquad () nnsquad org Subject: [ NNSquad ] Stuxnet-style code signing is more widespread than anyone thought Stuxnet-style code signing is more widespread than anyone thought https://arstechnica.com/information-technology/2017/11/evasive-code-signed-malware-flourished-before-stuxnet-and-still-does/ Now, researchers have presented proof that digitally signed malware is much more common than previously believed. What's more, it predated Stuxnet, with the first known instance occurring in 2003. The researchers said they found 189 malware samples bearing valid digital signatures that were created using compromised certificates issued by recognized certificate authorities and used to sign legitimate software. In total, 109 of those abused certificates remain valid. The researchers, who presented their findings Wednesday at the ACM Conference on Computer and Communications Security, found another 136 malware samples signed by legitimate CA-issued certificates, although the signatures were malformed. - - - --Lauren-- Lauren Weinstein (lauren () vortex com): https://www.vortex.com/lauren Lauren's Blog: https://lauren.vortex.com Google Issues Mailing List: https://vortex.com/google-issues Founder: Network Neutrality Squad: https://www.nnsquad.org PRIVACY Forum: https://www.vortex.com/privacy-info Co-Founder: People For Internet Responsibility: https://www.pfir.org/pfir-info Member: ACM Committee on Computers and Public Policy Google+: https://google.com/+LaurenWeinstein Twitter: https://twitter.com/laurenweinstein Tel: +1 (818) 225-2800 --- Impeach Trump --- _______________________________________________ nnsquad mailing list https://lists.nnsquad.org/mailman/listinfo/nnsquad
------------------------------------------- Archives: https://www.listbox.com/member/archive/247/=now RSS Feed: https://www.listbox.com/member/archive/rss/247/18849915-ae8fa580 Modify Your Subscription: https://www.listbox.com/member/?member_id=18849915&id_secret=18849915-aa268125 Unsubscribe Now: https://www.listbox.com/unsubscribe/?member_id=18849915&id_secret=18849915-32545cb4&post_id=20171104132027:717133B0-C184-11E7-97E3-8B74A7A6BD17 Powered by Listbox: http://www.listbox.com
Current thread:
- Stuxnet-style code signing is more widespread than anyone thought DAVID FARBER (Nov 04)