Code signing certificates used in repeat attacks

Created: 21 Jul 2010 | Updated: 18 Dec 2012

Tim Callan

Within the past week or so we have seen a pair of malicious worms used that employ what appear to be stolen VeriSign Code Signing certificates. We became aware of both these attacks when they were reported in the press, and both of the certificates involved are revoked. Each certificate holder was fully cooperative and understanding about the need to revoke the certificates in question. We're looking at potential methods of predicting certificates that may be compromised and therefore used in subsequent attacks and then encouraging preemptive replacement by the holders of those certificates. Microsoft has issued an advisory on the Windows flaw and states it's working on a fix.

Here's a summary of the first discovered attack. Here's a summary of the newest attack. And here's a summary from The Tech Herald about how the certificates fit in.

Blog Entry Filed Under:

Security, Website Security Solutions, Code Signing, SSL Certificates

Group Ownership:

Authentication Services

Show Less

Login or register to post comments
Comments RSS Feed

Links

Technical Support Symantec Training Symantec.com Purchase Endpoint Protection Small Business Edition Purchase SSL Certificates

About Website Security Solutions

Website Security Solutions allow companies and consumers to engage in communications and commerce online with trust and confidence. With more than one and a half million web servers using our SSL certificates, an infrastructure that processes more than four and a half billion certificate checks daily, and a trust mark that is seen more than half a billion times a day in 170 countries, the Norton Secured seal is the most recognized symbol of trust on the Internet.

Filter by:

Recent Blog Posts

SSL Accelerators – How SSL Acceleration Can Help Your Business | Symantec
Andy Horbury - 17 Jun 2013
Client Certificates vs. Server Certificates – What’s the Difference?
Jimmy Edge - 14 Jun 2013
E-Commerce sales to top $1.29 trillion: Is your small business website protected?
Tom Powledge - 10 Jun 2013
Symantec Achieves High Honors in Keeping the Internet Safe
Tom Powledge - 05 Jun 2013
Web Security: Everything you Need to Know to Stay Safe
Andy Horbury - 30 May 2013
Sidejacking, Firesheep, and AOSSL
Brad - 29 May 2013
It's National Cyber Security Awareness Week - here are a few tips
Belinda Charleson - 22 May 2013 - 1 Replies
A solid foundation for public sector security.
Andy Horbury - 20 May 2013
How secure is your website?
Andy Horbury - 15 May 2013
What you need to know to migrate from 1024-bit to 2048-bit encryption
Andy Horbury - 13 May 2013

Recently on Twitter

@VeriSignAuth

VeriSignAuth: We are closing this Twitter account. Follow us @NortonSecured to stay on top of the latest news in website security & #SSL
15 Mar 2013
VeriSignAuth: Please follow us @NortonSecured for news and updates on Website #Security Solutions, #SSL, Code Signing, and the latest security news.
12 Dec 2012
VeriSignAuth: Please follow @NortonSecured for news and updates on Website #Security Solutions, #SSL, Code Signing, and the latest security news.
08 Oct 2012
VeriSignAuth: Please follow @NortonSecured for news and updates on Website #Security Solutions, #SSL, Code Signing, and the latest security news.
08 Aug 2012
VeriSignAuth: Please follow @NortonSecured for news and updates on Website #Security Solutions, #SSL, Code Signing, the latest security threats, and more!
06 Jul 2012