Ask Fitis, the Bear: Real Crooks Sign Their Malware: Code-signing certificates are supposed to help authenticate the identity of software publishers, and provide cryptographic assurance that a signed piece of software has not been altered or tampered with. Both of these qualities make stolen or ill-gotten code-signing certificates attractive to cybercriminal groups, who prize their ability to add stealth and longevity to malicious software. This post is a deep dive on "Megatraffer," a veteran Russian hacker who has practically cornered the underground market for malware focused code-signing certificates since 2015. #Krebs #Cybersecurity
Post by James Quilty
More relevant posts
-
Krebs on security Ask Fitis, the Bear: Real Crooks Sign Their Malware: Code-signing certificates are supposed to help authenticate the identity of software publishers, and provide cryptographic assurance that a signed piece of software has not been altered or tampered with. Both of these qualities make stolen or ill-gotten code-signing certificates attractive to cybercriminal groups, who prize their ability to add stealth and longevity to malicious software. This post is a deep dive on "Megatraffer," a veteran Russian hacker who has practically cornered the underground market for malware focused code-signing certificates since 2015.
Ask Fitis, the Bear: Real Crooks Sign Their Malware
krebsonsecurity.com
-
A new type of malware dubbed “Wavestealer” has been identified. This malicious software reportedly steals sensitive information such as login credentials and credit card data from unsuspecting users. Wavestealer is designed to infiltrate computer systems silently and remains undetected by most conventional antivirus programs. Check out the full article on CyberSecurity News 👉 https://bit.ly/3Uf8OTF #cyber #cybersecurity #security #malware #software #cybercrime #cyberattack
New Wavestealer Spotted in Wild Stealing Login Credentials & Credit Card Data
cybersecurity-now.co.uk
-
Penetration Tester and Ethical Hacker | Risk Identification and Management Professional | Defensive Security Engineer | Governance and Compliance Analyst
As more malware is being signed with code-signing certificates, this creates risks. Signed code tends to be trusted more so than unsigned code. Endpoint detection software trusts signed code more than unsigned code. With services like Let's Encrypt, which provide free certificates, the only cost to the threat actors is the time to set up the service and sign the code. #cybersecurity
Ask Fitis, the Bear: Real Crooks Sign Their Malware
krebsonsecurity.com
-
Have you been following the story of Megatraffer, the veteran Russian hacker? Very interesting read: https://hubs.la/Q01VYYnN0 #CyberSecurity #Malware #Code-signing #Megatraffer
Ask Fitis, the Bear: Real Crooks Sign Their Malware
krebsonsecurity.com
-
Info-stealers like RedLine typically are deployed via opportunistic email malware campaigns, and by secretly bundling the trojans with cracked versions of popular software titles made available online. Credentials stolen by info-stealers often end up for sale on cybercrime shops that peddle purloined passwords and authentication cookies (these logs also often show up in the malware scanning service VirusTotal). #cyberthreats #cybersecurity #credentialtheft #authentication
FBI Hacker Dropped Stolen Airbus Data on 9/11
krebsonsecurity.com
-
Malicious ads and bogus websites are acting as a conduit to deliver two different stealer malware, including Atomic Stealer, targeting Apple macOS users. The ongoing infostealer attacks targeting macOS users may have adopted different methods to compromise victims' Macs, but operate with the end goal of stealing sensitive data, Jamf Threat Labs said in a report published Friday. One such attack chain targets users searching for Arc Browser on search engines like Google to serve bogus ads that redirect users to look-alike sites ("airci[.]net") that serve the malware. "Interestingly, the malicious website cannot be accessed directly, as it returns an error," security researchers Jaron Bradley, Ferdous Saljooki, and Maggie Zirnhelt said. "It can only be accessed through a generated sponsored link, presumably to evade detection." The disk image file downloaded from the counterfeit website ("ArcSetup.dmg") delivers Atomic Stealer, which is known to request users to enter their system passwords via a fake prompt and ultimately facilitate information theft. #MacOSMalware #InfoStealer #AtomicStealer #CyberSecurityThreat #MaliciousAds #BogusWebsites #MacOSSecurity #CyberAttack #DataTheft #JamfThreatLabs #CyberSecurityReport
Hackers Target macOS Users with Malicious Ads Spreading Stealer Malware
thehackernews.com