Security is Freedom

Fraudulent Certificates Used In Malware

Posted by Robert Vamosi on 2/7/13 8:50 AM | Estimated Reading Time:

Find me on:

One way to evade malware protection is to use fraudulent digital certificates to sign your malware.

According to Malwarebytes, malware is using a fraudulent digital certificate issued by Comodo for “Buster Paper Comercial Ltda”, a bogus Brazilian company. Because the cert is valid with a known certificate authority, the browser will accept it, and thus allow the malware to run. And, potentially, evade anti-malware protection.

After posting this blog, the malware links to sites located on Egnyte have been taken down, and the certificate revoked by DigiCert.

Topics: malwarebyte, buster paper comerical, Internet of Things

Leave A Comment