Fake Security Certificates Approve Flame Malware to be Microsoft Software
From one fresh assessment of 'Flame' by Microsoft, enormously used in a cyber-attack, it has been shown that the malware had been certified with fake security certificates masquerading as Microsoft. Pcworld.com reported this dated June 4, 2012.
Explaining further, Senior Director Mike Reavy of Microsoft Security Response Center stated that his research team detected the exploitation of a previous cryptography algorithm and its subsequent utilization in endorsing malicious code to make the code appear as being from Microsoft. Softpedia.com published this on June 4, 2012.
Reavy continued that in particular, Microsoft's Terminal Server Licensing Service that let clients approve Remote Desktop facilities used inside their companies, in fact applied the said algorithm as well as supplied certificates capable of signing software, thereby allowing software getting signed and appearing like its origin was Microsoft.
Indeed, Microsoft thinks that certificates that didn't sign could be utilized for faking content, carrying out fraudulent phishing assaults, alternatively executing man-in-the-middle attacks against any Windows version.
Moreover, describing the modus operandi of the attack to be "elegant," security researchers affirmed that it was possibly employed for pushing other cyber-attack tools that hitherto were unidentified.
Chief Research Officer Mikko Hypponen for F-Secure the security software developer said that logically the attackers perhaps would've applied it elsewhere simultaneously. Abs-cbnnews.com published this dated June 5, 2012.
Furthermore, Director of Intelligence Adam Meyers for CrowdStrike a security company stated that incase cyber-weapons of more variety were planted on compromised computers via the Flame attack code, then those weapons were chanced to be made public soon given Microsoft Company's detection of the malware already. Abs-cbnnews.com published this.
The software giant said it had imbibed measures for tackling the problem like issuing a security advisory that elaborated on the problem while suggesting measures IT administrators could imbibe for thwarting software programs approved with the fake digital certificates. The company further issued an update that mechanically executed the same steps for simplifying the procedure for computer-users towards blocking fraudulently-certified malicious codes.
Nonetheless, users are being recommended for implementing the most recent security updates for ensuring own safety. Alongside, they may go through Microsoft's security advisory too for increasing self-awareness.
Related article: Fake Spam Mail Announces Australian PM’s Heart Attack
» SPAMfighter News - 08-06-2012