Article 5WYCA Stolen Nvidia Certificates Used To Hide Malware in Driver Downloads

Stolen Nvidia Certificates Used To Hide Malware in Driver Downloads

by
msmash
from Slashdot on (#5WYCA)
Last week Nvidia confirmed that it had been the victim of an internal hack, though it claimed no customer information was compromised. Now we're seeing one of the first effects of the hack on end-users: Nvidia GPU driver packages with malware hidden inside. PCWorld: While it was always possible for malefactors to host links pretending to be drivers in the hopes of installing viruses, trojans, and other nasty stuff on a user's PC, this situation is more concerning. The hackers appear to have leaked Nvidia's official code signing certificates, a means by which users (and Microsoft) can verify that a downloaded program comes from the publisher it says it's from. That's allowing files containing a host of popular malware suites to be posted and downloaded, bypassing Windows Defender's built-in executable verification and slipping past anti-virus software. BleepingComputer reports that two now-expired (but still usable) verification codes have been compromised and used to deliver remote access trojans. Another example, using the Nvidia verification to sign a fake Windows driver, was also spotted.

twitter_icon_large.pngfacebook_icon_large.png

Read more of this story at Slashdot.

External Content
Source RSS or Atom Feed
Feed Location https://rss.slashdot.org/Slashdot/slashdotMain
Feed Title Slashdot
Feed Link https://slashdot.org/
Feed Copyright Copyright Slashdot Media. All Rights Reserved.
Reply 0 comments