Enterprising cybercriminals are selling counterfeit digital certificates that allow hackers to disguise their malware as legitimate software, according to a new report from the cybersecurity firm Recorded Future. The fraudulent files, which act like valid code signing certificates, render malware invisible to a large number of anti-virus engines. “It’s not a cheap commodity,” said Andrei Barysevich, Recorded Future’s director of advanced collection. “But once you sign a payload with the certificate, then the file becomes pretty much undetectable by any antivirus out there.” Barysevich’s team found a small group of independent vendors in the Eastern European cybercrime markets selling counterfeit code signing certificates to Russian-speaking customers. The fake certificates are not stolen from legitimate owners but are instead created using real information that can deliver a unique, working and effectively real certificate to hackers willing to pay. A 2017 paper from the University of Maryland highlighted the issue and showed that digitally […]
The post Criminals sell counterfeit certificates to make malware look legitimate appeared first on Cyberscoop.
Continue reading Criminals sell counterfeit certificates to make malware look legitimate→