Certificate Snatching—ZeuS Copies Kaspersky’s Digital Signature

Discussion in 'other security issues & news' started by tgell, Aug 4, 2010.

Thread Status:
Not open for further replies.
  1. tgell

    tgell Registered Member

    Joined:
    Nov 12, 2004
    Posts:
    1,073
    Article
     
  2. chronomatic

    chronomatic Registered Member

    Joined:
    Apr 9, 2009
    Posts:
    1,343
    Lesson: Check hashes on these certs

    A related story posted a while back is in this thread. There I break down a lot of reasons why I think this latest fear mongering over rogue peeps jacking certs is vastly overstated and overall is nothing to worry about if basic precautions (i.e., checking hashes) are taken.
     
  3. funkydude

    funkydude Registered Member

    Joined:
    Apr 5, 2004
    Posts:
    6,851
    I wouldn't really call this an issue; the screenshots themselves show that the certificates are in fact invalid.

    I'd be far more concerned over malware like Stuxnet that managed to get Realtek's actual key and signed their malware with a valid certificate; Microsoft had to invalidate that certificate from Verisign.
     
  4. chronomatic

    chronomatic Registered Member

    Joined:
    Apr 9, 2009
    Posts:
    1,343
    Realtek peeps are idiots then. They should never store their master key in a place where malware can touch it. Furthermore, the malware would have to have some way of cracking the key's passphrase (unless the private key had no passphrase, which is total idiocy).

    Let me add that this non-story the OP posted is nothing but a way for Trend Micro to attempt to make Kaspersky look bad (even though Kaspersky did nothing wrong whatsoever and this "issue" is indeed a non-issue). The hashes don't match. I mean, that's what hashes are for. Everything is working as it's supposed to work! This is actually a very retarded story. "Full retard" at that. ;)
     
  5. CogitoTesting

    CogitoTesting Registered Member

    Joined:
    Jul 4, 2009
    Posts:
    901
    Location:
    Sea of Tranquility, Luna
  6. funkydude

    funkydude Registered Member

    Joined:
    Apr 5, 2004
    Posts:
    6,851
    I agree.

    Well, it's not confirmed how they got Realtek's key, but some people believe blackmail/governments were involved. I believe they got a key from another Taiwanese company also.
     
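Added example (not from the thread or the linked article): a small Python sketch of the two cases the posts contrast, a signature copied onto a different file versus a file signed with the vendor's own private key. The toy RSA key, the file contents and the function names are constructed for illustration; real code-signing verification also checks the certificate chain and revocation status.

```python
import hashlib

# Toy textbook-RSA key built from two known Mersenne primes (constructed for
# this demo; trivially factorable and unpadded, never use for real signing).
P, Q = 2**127 - 1, 2**521 - 1
N, E = P * Q, 65537                    # public key (modulus, exponent)
D = pow(E, -1, (P - 1) * (Q - 1))      # private exponent, the vendor's secret


def digest(data: bytes) -> int:
    """SHA-256 of the file contents as an integer (always smaller than N)."""
    return int.from_bytes(hashlib.sha256(data).digest(), "big")


def sign(data: bytes, d: int = D) -> int:
    """Signature = digest raised to the private exponent."""
    return pow(digest(data), d, N)


def verify(data: bytes, signature: int) -> bool:
    """Recover the signed digest with the public key and compare it to the
    digest of the file actually being checked."""
    return pow(signature, E, N) == digest(data)


def demo() -> dict:
    # Constructed stand-ins for the two files.
    vendor_file = b"constructed bytes standing in for the vendor's signed binary"
    other_file = b"constructed bytes standing in for an unrelated binary"
    vendor_sig = sign(vendor_file)
    return {
        # Genuine file with its own signature: hash matches.
        "original": verify(vendor_file, vendor_sig),
        # Signature lifted from the vendor file and attached to another file:
        # the signed digest no longer matches, so verification fails.
        "copied_signature": verify(other_file, vendor_sig),
        # Private key compromised: a fresh signature over the other file
        # verifies, so only revoking the certificate stops it.
        "signed_with_stolen_key": verify(other_file, sign(other_file)),
    }


if __name__ == "__main__":
    for case, ok in demo().items():
        print(f"{case:24} {'valid' if ok else 'INVALID'}")
```

The second case is why the copied signature shows as invalid in the screenshots, and the third is why a compromised signing key needs certificate revocation rather than a hash check.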