Researchers at F-Secure recently found malware that's digitally signed with a stolen code-signing certificate.
"The malware uses a certificate for mardi.gov.my, which is the Agricultural Research and Development Institute of Malaysia," writes CNET News' Elinor Mills. "That agency told F-Secure that the certificate had been stolen 'quite some time ago.' It expired at the end of September so is no longer effective for authentication."
"The Trojan program, which F-Secure detected as Agent.DTIW, spreads via malicious PDF files that exploit a vulnerability in Adobe Reader 8, according to the F-Secure blog," Mills writes.
Go to "F-Secure finds rare digitally signed malware" to read the details.https://o1.qnsr.com/log/p.gif?;n=203;c=204650394;s=9477;x=7936;f=201801171506010;u=j;z=TIMESTAMP;a=20392931;e=i
For regular security news updates, follow eSecurityPlanet on Twitter: @eSecurityP.