CIO: Malware Strikes With Valid Digital Certificate

/Home/Internet Security: Articles/Internet Security: CIO/CIO: 2013

We rely upon digital certificates and certificate authorities to validate that online entities are who they say they are, but security firm Malwarebytes recently found a banking Trojan with a valid, signed digital certificate.

By Thor Olavsrud
February 04, 2013

One of the foundational elements of ecommerce is the web of trust enabled by digital certificates. When you go to a web site, you can feel confident that it's legitimate because it has a certificate from a recognized certificate authority that validates it. But the certificates themselves can be vulnerable. Case in point: Security firm Malwarebytes recently discovered some malware in the wild with a valid, signed digital certificate.

Click the URL above to read the full article