If you are in thinking that your PC or computing device is secure enough as it is loaded with an anti-malware solution, you better change your viewpoint. As some hackers have developed a malware that uses code signing certificates to avoid detection by security defenses and has the tendency to download payloads onto a compromised system.
Dubbed as ‘Blister’ malware and discovered by researchers from Elastic Security, the malware seems to evade most of the known security defenses and also has the tendency to induce ransomware into infected PCs.
Interestingly, the malware is found using a code signing certificate from Sectigo, a cybersecurity company that offers digital identity solutions. And the certification is linked to a Russian company titled Blist LLC that delivers payloads such as Cobalt Strike and BitRAT on demand.
Following a strong Cybersecurity hygiene while online like keeping the software updated with the latest patches, never opening links embedded in emails, using firewalls and VPN, implementing multi factor authentication while accessing critical apps, training employees on what not do when online will help in keeping malware such as viruses, worms, ransomware, Trojan horses, keyloggers, rootkits, spyware and crypto-mining software along with adware at bay.
Note- From the past few days, some media houses are running rampant reports that the pirated movie copies of “Spider Man No Way Home” might be riddled with crypto mining and blister malware. So, all those accessing such websites on office devices, better be aware of this cyber threat before it is too late.
The post Blister malware using code signing certificates to evade anti malware detection appeared first on Cybersecurity Insiders.
December 28, 2021 at 10:51AM
0 comments:
Post a Comment