Some two months ago, the world found out about Stuxnet - the worm that used the Windows .lnk file vulnerability in order to spread through removable drives of systems running Siemens SCADA software.

One of the reasons Stuxnet was able to propagate so fast and wide is that it was signed with stolen digital certificates - one of which belongs to Realtek Semiconductor Corp., a hardware manufacturer from Taiwan.

Fast forward two months, and a Zscaler researcher detects another piece of malware signed with a digital signature belonging to Realtek: a variant of the Lethic Trojan. The only difference is that in the Stuxnet case, the software was seemingly verified by the certificate authority - as one can see in the following PE File Version Info data structure:

More: http://www.net-security.org/malware_news.php?id=1528
