Newly Found ZeuS Sample Signed with Fake Avira Certificate

  • 1 Replies
  • 988 Views
*

Offline Bugbatter

  • Microsoft® MVP
  • Administrator
  • Diamond Member
  • 10660
Newly Found ZeuS Sample Signed with Fake Avira Certificate
« on: February 21, 2011, 09:45:20 AM »
Security researchers warn that a newly identified ZeuS sample is signed with a fake digital certificate allegedly issued to German antivirus vendor Avira.

Code signing has been possible since the days of Windows NT, however, adoption of the technology was slow until Windows Vista and Windows 7, where UAC (User Access Control) alerts look significantly different for signed and unsigned executables.

Today it is common practice to sign installers as a method to verify they haven't been tampered with, as any modification made to the code would break the original signature.

Article continued HERE






Microsoft MVP Consumer Security 2006-2016
Microsoft Windows Insider MVP 2016-

*

Offline faith_michele

  • Anti - Phishing Staff
  • Gold Member
  • 1947
    • A Beacon of Light
Re: Newly Found ZeuS Sample Signed with Fake Avira Certificate
« Reply #1 on: February 21, 2011, 09:54:19 AM »
Thanks! :)1
Microsoft Consumer Security MVP, July 2007-June 2010

"Fight your fights, find the grace in all the things that you can't change and help somebody, if you can." Van Zant

A Beacon of Light