Certified online banking trojan in the wild

Code certificate laissez-faire leads to banking Trojans:
http://www.welivesecurity.com/2013/02/21/code-certificate-laissez-faire-banking-trojans/

 

Did Trusteer Rapport flag it, quarantine it, or miss it? Just French banks! Odd.

 

Thanks for the warning BUT what am or any user supposed to do to mitigate this threat?

Where do I find the certificates in use on my PC and how do I know if they are valid?

 

Time to stop allowing digital signatures with Online Armor unless trusted by Emsisoft.

 

thanks.... I used these links found the cache of certificates on my PC.

Many are expired, it says I can request "new" ones but that box is forever grayed out. Why? Is there a service that I need to turn on?

There are 100's of these on my box!

Why not just remove the old certificates? When you click that it says WARNING windows may not function.

Seems there is a need for a certificate managment system that has a valid certificate!

 

I have at times thought that might be helpful, particularly if it worked not only with the Windows' certificate stores but also Firefox's and perhaps others. Several specific things I thought might be useful:

- Mass export/import
- The ability to easily snapshot things, and compare differences between snapshots.
- If possible, the ability to display when each cert was added to the local store
- A scan for potential problems feature, which could look for expired certificates, look for certificates that are not on Microsoft's or Mozilla's root certificate list, verify all certificates, compare the certs you have to those in one or more repositories, scan the software you have on your machine to identify certs it would need, etc.
- Friendlier/wider/fewer click interface to reviewing certificates

Anyone know of something that comes close to that?

 

Hi Wind...

Thanks for your support on this idea! The whole world of security seems at stake here or am I

One thing we could do is ask M$

 

FWIW, I poked around a little bit. I saw some enterprise tools for checking, managing, etc certificates but didn't dig into them. Looks like Mozilla has a cmdline tool for working with certs. Microsoft has one too and you can also get at them programmatically. So with a little elbow grease I think one could roll their own tool to help work with certificates, check across multiple machines, etc. I saw various examples, particularly Powershell scripts.

 

Thats interesting. But I have no skills to build my own tool.

would prefer the heavy weight guys with 5000+ posts to tell us which certificate management tool(s) are reliable.

I could take a radical position and take a full image of the PC make sure I can restore from it.

THEN delete ALL cerificates from the cache and see if I can run and slowly build a current safe set.

I suspect I wont be able to even boot if I do this.