Malwarebytes uncovers digital certificate-spoofing Trojan

05 Feb 2013

Security vendor Malwarebytes has uncovered a banking Trojan capable of bypassing traditional security by spoofing legitimate digital certificates.

The certificate used by the malware is usually legitimate, but it is now being sent out by a fake company set up to get hold of certificates from DigiCert.

The certificate allows the hacker to sneak a malicious PDF file infected with the Trojan past most computer security systems. Malwarebytes said that the malware had already targeted a slew of high-profile firms.

"The malware is a banking/password stealer using email to spread. It appears to be a PDF invoice with a valid certificate issued to a real Brazilian software company which was issued by SSL certificate authority DigiCert," senior security researcher at Malwarebytes Jerome Segura told V3.

Digital certificates are coded signatures used by companies to guarantee the authenticity of a file they are sending.

The attack bears striking similarities to the Flame and Stuxnet malware. Flame broke new ground in 2012 by being the first malware able to mimic a Microsoft update certificate.

"This Trojan is a new breed of intelligent malware, able to fool even the most acclaimed digital certificate authorities. Cyber criminals are finding new and more deceitful ways to disguise malware as trustful programmes in order to attack systems and take your personal identity," said Segura.

Malwarebytes warned that attacks similar to the recently unearthed banking Trojan will grow to be one of the most dangerous cyber threats facing businesses.

"This problem will continue to get worse as it's too easy for anybody who does a bit of research to either impersonate a company or set up a fake website as if it were a company and then buy a certificate," said Segura.

"Once a Trojan like this gets into a business network computer, it will steal business-sensitive data. Business' IT departments must ensure they keep up to date with the latest threats in order to make sure commercial information doesn't get into the wrong hands."

Malwarebytes' warning follows a similar statement from technology firm BAE Systems Detica, which claimed enterprises must adapt their cyber strategies to combat the evolving cyber threat facing them.

Alastair Stevenson
About

Alastair has worked as a reporter covering security and mobile issues at V3 since March 2012. Before entering the field of journalism Alastair had worked in numerous industries as both a freelance copy writer and artist.
