Malware with Government Signature

I was browsing reddit and I came upon this link that showed a piece of malware with a signature belonging to the Malaysian government. While reading this article I saw that the attackers steal the code-signing certificates just so they can sign the code as if they are someone else.

I thought this was very interesting because I knew of phishing attacks are usually the ones were the attacker pretends to be someone else, but now it’s malware as well. The article mentioned that the Malaysian government was notified of this malware with their signature on it, but this made me wonder if they can steal government-type signatures, can they also pretend to be the U.S. government?

http://www.f-secure.com/weblog/archives/00002269.html

Advertisements

3 thoughts on “Malware with Government Signature

  1. This is a great example of social engineering. If people think these messages are coming from trusted government official they are much more likely to open them.

  2. I personally would like to think that as soon as the US Gov heard about this incident they made some changes so that our signatures could not be stolen and used in ways other than they were intended for.

  3. This seems like it would trick a lot of people. Social engineers have began to adapt to people becoming aware of threats from them. The U.S. Government , being aware of how it happened to the Malaysian Government, I do not think would let this happen.

Comments are closed.