Thursday, January 27, 2022

Adobe servers hacked – used to Sign malware

Thursday software vendor Adobe declared that attackers breached its code-signing system and applied it to sign their malware with a validated digital certificate from Adobe.

Adobe alleged it was lifting the certificate and planned to issue fresh certificates for legitimate Adobe products that were also signed with the same certificate, wrote Brad Arkin, senior director of product security and privacy for Adobe, in a blog post.

Adobe did not say when the breach took place, but noted that it was re-issuing certificates for code that was signed with the compromised signing key after July 10, 2012.

In addition, a security advisory the company released with its announcement showed that the two malicious programs were signed on July 26 of this year.

Adobe spokeswoman Liebke Lips assured Wired that the company first got word of the issue when it received samples of the two malicious programs from an unidentified party on the evening of Sept. 12.

The company then instantly began the process of deactivating and revoking the certificate.

About FastFlux

Owner of ZeroSecurity, interested in programming, malware analysis and penetration testing. If you would like to write for the ZeroSecurity team, please use the contact form above.

Check Also

New FastPOS malware targeting Point-of-Sale systems

Experts have disclosed a new category of malware, labeled “FastPOS,” that has the ability to quickly …