Security Protection – Harry Waldron (WP) Rotating Header Image

Zeus Malware containing forged Ariva certificate circulating

Digital Certificates should only be loaded from trusted sources as they are sometimes used in advanced malware attacks

Malware Digitally Signed With Fake Certificate http://blogs.pcmag.com/securitywatch/2011/02/malware_digitally_signed_with.php
http://techblog.avira.com/2011/02/21/malware-signed-with-fake-avira-certificate/en/

QUOTE: German security software company Avira has uncovered a malware sample digitally signed with a fake certificate listing them as the signer. The certificate is issued to Avira GmbH and is valid from 2011-02-10 until 2039-31-12.  The malware itself is a member of the well-known Zbot/ZeuS malware family, and is spread via spammed e-mail. Its behavior is not new in any way. After running it deletes the original executable, sets itself to run when Windows starts, and contacts a command server for further instructions.

Leave a Reply