Wednesday, 10 December 2014

The first malware with a Sony digital signature


The Sony Pictures hack led to the leak not only of sensitive data about employees, but also of stars' fees, digital copies of upcoming movies and the mail correspondence of top managers. Yesterday yet another consequence was reported: Kaspersky Lab found a version of the Destover malware digitally signed by Sony.

That is, among the things that fell into the "wrong hands" of the #GOP group were the digital certificates used to sign software.
Kaspersky Lab recalls that the Destover family of Trojans was used in the DarkSeoul attack against South Korea in March 2013, as well as in the current attack on Sony.
The new sample of the Destover Trojan is signed with a valid digital certificate from Comodo. Date of issue: Dec. 5, 2014.
The same sample had been seen previously, but without a signature. Its MD5 hash is 6467c6df4ba4526c7f7a7bc950bd47eb, and the build date is listed as July 2014.
The MD5 hash of the new sample: e904bf93403c0fb08b9683a9e858c73e.
Theoretically, a digital signature makes malware more effective, but in reality modern antivirus software readily detects such malware as well.

Source: xaker.ru
