
Malwarebytes uncovers digital certificate-spoofing Trojan

05 Feb 2013

Security vendor Malwarebytes has uncovered a banking Trojan capable of bypassing traditional security by spoofing legitimate digital certificates.

The certificate used by the malware is usually legitimate, but it is now being sent out by a fake company set up to get hold of certificates from DigiCert.

The certificate allows the hacker to sneak a malicious PDF file infected with the Trojan past most computer security systems. Malwarebytes said that the malware had already targeted a slew of high-profile firms.

"The malware is a banking/password stealer using email to spread. It appears to be a PDF invoice with a valid certificate issued to a real Brazilian software company which was issued by SSL certificate authority DigiCert," senior security researcher at Malwarebytes Jerome Segura told V3.

Digital certificates are coded signatures used by companies to guarantee the authenticity of a file they are sending.

The attack bears striking similarities to the Flame and Stuxnet malware. Flame broke new ground in 2012 by being the first malware able to mimic a Microsoft update certificate.

"This Trojan is a new breed of intelligent malware, able to fool even the most acclaimed digital certificate authorities. Cyber criminals are finding new and more deceitful ways to disguise malware as trustful programmes in order to attack systems and take your personal identity," said Segura.

Malwarebytes warned that attacks similar to the recently unearthed banking Trojan will grow to be one of the most dangerous cyber threats facing businesses.

"This problem will continue to get worse as it's too easy for anybody who does a bit of research to either impersonate a company or set up a fake website as if it were a company and then buy a certificate," said Segura.

"Once a Trojan like this gets into a business network computer, it will steal business-sensitive data. Business' IT departments must ensure they keep up to date with the latest threats in order to make sure commercial information doesn't get into the wrong hands."

Malwarebytes' warning follows a similar statement from technology firm BAE Systems Detica, which claimed enterprises must adapt their cyber strategies to combat the evolving cyber threat facing them.

Alastair Stevenson

Alastair has worked as a reporter covering security and mobile issues at V3 since March 2012. Before entering the field of journalism Alastair had worked in numerous industries as both a freelance copy writer and artist.
