Report: Digitally signed rootkit in crack software

Discussion in 'Serious Discussion' started by harkaz, Aug 27, 2017.

  1. Katzenfreund

    Katzenfreund MDL Expert

    Jul 15, 2016
    1,372
    814
    60
    I've never paid too much attention to certificates and have visited innumerable sites despite browser warning that their certificate was not in order.
     
  2. MS_User

    MS_User MDL Guru

    Nov 30, 2014
    3,234
    624
    120
    this looks only dangerous for users of bitcoins.
     
  3. Yen

    Yen Admin
    Staff Member

    May 6, 2007
    11,683
    11,755
    340
    #23 Yen, Sep 18, 2017
    Last edited: Sep 18, 2017
    The topic concerns all of us! :rolleyes:

    Why should it apply to bitcoin users only?
    The example is signed malware that is related to bitcoin, but it is just an example.

    Malware is malware and digitally signed malware with a trusted certificate is even worse!

    IMHO one of the most dangerous and still simple kind of malware is a keylogger.


    It's not SSL/TLS server certificate related. It's all about installations which are a sort of trusted by the system such as drivers:

    https://docs.microsoft.com/en-us/windows-hardware/drivers/install/digital-signatures
    https://msdn.microsoft.com/en-us/library/ms537361.aspx
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  4. Joe C

    Joe C MDL Guru

    Jan 12, 2012
    3,025
    1,721
    120
    A current example :
    CCleaner v5.33 hacked
    http://blog.talosintelligence.com/2017/09/avast-distributes-malware.html
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  5. MS_User

    MS_User MDL Guru

    Nov 30, 2014
    3,234
    624
    120
    i agree even if im not a bitcoins user...i dont want any kind malware sitting in my comp i dont know what else it could do.