Compromised digital signatures a threat to Android and PCs, study finds

Finding ways to bypass or validate digital signatures on PCs and Android-based mobile devices in an attempt to distribute malware is fast becoming a new trend among attackers, according to the McAfee Labs Threats Report: Third Quarter 2013.

This quarter, researchers with computer security software company McAfee saw a 30 percent increase in Android-based malware due in large part to a new type of mobile malware – known as Exploit/MasterKey.A – that allows attackers to circumvent digital signature validation of apps.

Altogether, researchers discovered about 700,000 new pieces of malware for Android-based mobile devices. Meanwhile, with more than 1.5 million new samples identified, PC malware with digital signatures has grown by 50 percent.

“The efforts to bypass code validation on mobile devices, and commandeer it altogether on PCs, both represent attempts to circumvent trust mechanisms upon which our digital ecosystems rely,” Vincent Weafer, senior vice president of McAfee Labs, told SCMagazine.com in a Thursday email statement.

Most recently, researchers with anti-virus software company Bitdefender wrote about a circulating scam program named Antivirus Security Pro that has been tweaked to come with a stolen digital signature. Antivirus Security Pro pretends to be a free malware scanning tool, but when run, it falsely reports malware on the machine and requests money to clean up the infection.

With untraceable virtual currency growing in use – particularly in underground and often illegal marketplaces, such as Silk Road – Bitcoin-mining has also increased significantly. Attackers are now developing malware that infects systems, mines the computers for processing power and, ultimately, produces Bitcoins for use in purchases.

“As these currencies become further integrated into our global financial system, their safety and stability will require initiatives leveraging both the financial system's monetary controls and oversight, and the technical controls and defenses our industry provides,” Weafer wrote.

The third quarter also saw a 125 percent increase in the global volume of spam. Researchers indicated that the spike is likely a result of legitimate marketing firms purchasing mailing lists from possibly illegal sources.
