Malware attack on Kaspersky Lab used stolen Foxconn certs

Kaspersky Lab has revealed a few more technical details about the malware used in the recent intrusion into its systems, which the company has christened "Duqu 2.0." The report includes a worrisome detail: a 64-bit Windows driver used by the malware platform is digitally signed by none other than Foxconn Technology Group, one of the world's largest electronics manufacturers. You might know some of their clients, like Apple, Microsoft, and Google.

The valid digital signature makes the driver in question appear perfectly legitimate from the OS's perspective, and is one of the reasons why Duqu 2.0 doesn't ...

Read more...