Researchers at Trend Micro have found that a widespread piece of malware used a digital certificate from a competing security company's product in an attempt to look legitimate.
The malware is Zeus, a bot that is used to steal all kinds of data from computers and has proved to be a tricky application for security companies to detect.
The version of Zeus detected by Trend Micro had a digital certificate belonging to Kaspersky's Zbot product, which is designed to remove Zeus. The certificate -- which is verified during a software installation to ensure a program is what it purports to be -- was expired, however.
Also, the malware's hash value, a unique numerical identifier based on the source code for applications, was incorrect, as it was derived on the Kaspersky tool, according to a blog post written by Trend Micro.
More: http://www.computerworld.com/s/article/9180259/
............................................................................................
The malware is Zeus, a bot that is used to steal all kinds of data from computers and has proved to be a tricky application for security companies to detect.
The version of Zeus detected by Trend Micro had a digital certificate belonging to Kaspersky's Zbot product, which is designed to remove Zeus. The certificate -- which is verified during a software installation to ensure a program is what it purports to be -- was expired, however.
Also, the malware's hash value, a unique numerical identifier based on the source code for applications, was incorrect, as it was derived on the Kaspersky tool, according to a blog post written by Trend Micro.
More: http://www.computerworld.com/s/article/9180259/
