Home / Professional / Professional Featured / Certificates stolen from D-Link used to sign malware

Certificates stolen from D-Link used to sign malware

Taiwanese companies are very much targeted when it comes to cyber espionage. For the past decade, there have been stories of Taiwanese companies having their certificates stolen and used to sign various bits of malware. D-Link is the next company to be affected, as they have had certificates stolen and used in password-stealing malware.

Both D-Link and Changing Information Technology were victims of a hack. It is thought that a hacking group by the name of ‘BlackTech' was behind the theft, the certificates were then used to sign at least two pieces of malware, according to antivirus provider, Eset.

The first piece of malware was a remotely controlled backdoor, while the other was designed to steal passwords. Eset believes the group behind the hack is highly skilled, as two fairly high profile companies were successfully targeted.

As reported by Arstechnica, the certificates in question have since been revoked. D-Link in particular says that customers should not be affected by this. Some IP cameras will show a certificate warning. D-Link says that this can be safely ignored, but we would recommend exercising caution and not ignoring warnings, especially when cameras are involved.

KitGuru Says: Taiwanese companies will have to step their game up with such an active and skilled hacking group located close to home. Have you been affected by this hack?

Become a Patron!

Check Also

Nvidia driver update fixes crucial security vulnerabilities

Nvidia GeForce, RTX, Quadro, NVS and Tesla GPU users will want to update their drivers soon. Nvidia has pushed out a hotfix with a number of critical security fixes that if left unfixed, could allow for unauthorised access to systems.