Malwarebytes uncovers digital certificate-spoofing Trojan

05 Feb 2013

Security vendor Malwarebytes has uncovered a banking Trojan capable of bypassing traditional security by spoofing legitimate digital certificates.

The certificate used by the malware would usually be legitimate, but it is now being sent out by a fake company set up to get hold of certificates from DigiCert.

The certificate allows the hacker to sneak a malicious PDF file infected with the Trojan past most computer security systems. Malwarebytes said that the malware had already targeted a slew of high-profile firms.

"The malware is a banking/password stealer using email to spread. It appears to be a PDF invoice with a valid certificate issued to a real Brazilian software company which was issued by SSL certificate authority DigiCert," senior security researcher at Malwarebytes Jerome Segura told V3.

Digital certificates are coded signatures used by companies to guarantee the authenticity of a file they are sending.

The attack bears striking similarities to the Flame and Stuxnet malware. Flame broke new ground in 2012 by being the first malware able to mimic a Microsoft update certificate.

"This Trojan is a new breed of intelligent malware, able to fool even the most acclaimed digital certificate authorities. Cyber criminals are finding new and more deceitful ways to disguise malware as trustful programmes in order to attack systems and take your personal identity," said Segura.

Malwarebytes warned that attacks similar to the recently unearthed banking Trojan will grow to be one of the most dangerous cyber threats facing businesses.

"This problem will continue to get worse as it's too easy for anybody who does a bit of research to either impersonate a company or set up a fake website as if it were a company and then buy a certificate," said Segura.

"Once a Trojan like this gets into a business network computer, it will steal business-sensitive data. Business' IT departments must ensure they keep up to date with the latest threats in order to make sure commercial information doesn't get into the wrong hands."

Malwarebytes' warning follows a similar statement from technology firm BAE Systems Detica, which claimed enterprises must adapt their cyber strategies to combat the evolving cyber threat facing them.

Alastair Stevenson

Alastair has worked as a reporter covering security and mobile issues at V3 since March 2012. Before entering the field of journalism Alastair had worked in numerous industries as both a freelance copy writer and artist.
