Breach

Destover malware updated to carry Sony’s digital signature

December 10, 2014

Malware linked to the Sony Pictures attack has been updated to carry the company's digital signature, researchers found.

In a recent blog post, Kaspersky revealed that the new “Destover” malware variant was signed by a valid digital certificate from Sony last Friday. Destover wiper malware, also known as Wipall, has been compared to threats with similar capabilities, like Shamoon and Jokra.

“The stolen Sony certificates (which were also leaked by the attackers) can be used to sign other malicious samples,” the blog post said. “In turn, these can be further used in other attacks,” as the Sony certs are “trusted by security solutions,” the firm said.

In a Tuesday interview with Reuters, Jim Lewis, senior fellow at the Center for Strategic and International Studies (CSIS), estimated that the massive breach at Sony could cost the company up to $100 million.

UPDATE: The signed malware was apparently a prank by a researcher.
prestitial ad