1. 10:42 20th Sep 2012

    Notes: 5

    Tags: TechnologyTechComputersComputingComputer ScienceMalwareCyberwarCybercrime

    State-Sponsored Malware Serving as Template For New Civilian Attacks “They are copying the design philosophy,” says Schouwenberg, adding that one now-popular technique found in conventional “criminal malware” was inspired by the discovery of Stuxnet. For example, Stuxnet installed fake device drivers using digital security certificates stolen from two Taiwanese computer component companies, allowing them to sneak past any security software. Other malware now uses fake certificates in a similar way to hide malicious software from antivirus programs. “Stuxnet was the first really serious malware with a stolen certificate, and it’s become more and more common ever since,” says Schouwenberg. “Nowadays you can see use of fake certificates in very common malware.” Aviv Raff, chief technology officer and cofounder of Israeli computer security firm Seculert, agrees. “Design features of Stuxnet, Duqu, and Flame are appearing in opportunistic criminal malware,” he says. (via Stuxnet Tricks Copied by Computer Criminals - Technology Review)

    State-Sponsored Malware Serving as Template For New Civilian Attacks

    “They are copying the design philosophy,” says Schouwenberg, adding that one now-popular technique found in conventional “criminal malware” was inspired by the discovery of Stuxnet.

    For example, Stuxnet installed fake device drivers using digital security certificates stolen from two Taiwanese computer component companies, allowing them to sneak past any security software. Other malware now uses fake certificates in a similar way to hide malicious software from antivirus programs.

    “Stuxnet was the first really serious malware with a stolen certificate, and it’s become more and more common ever since,” says Schouwenberg. “Nowadays you can see use of fake certificates in very common malware.”

    Aviv Raff, chief technology officer and cofounder of Israeli computer security firm Seculert, agrees. “Design features of Stuxnet, Duqu, and Flame are appearing in opportunistic criminal malware,” he says.

    (via Stuxnet Tricks Copied by Computer Criminals - Technology Review)

     
    1. informationaction reblogged this from joshbyard and added:
      Unintended consequences are so awkward…
    2. idlnmclean reblogged this from joshbyard
    3. joshbyard posted this