all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Ask Fitis, the Bear: Real Crooks Sign Their Malware

Add to bookmarks
June 1, 2023, 4:15 p.m. | BrianKrebs

Krebs on Security krebsonsecurity.com

Code-signing certificates are supposed to help authenticate the identity of software publishers, and provide cryptographic assurance that a signed piece of software has not been altered or tampered with. Both of these qualities make stolen or ill-gotten code-signing certificates attractive to cybercriminal groups, who prize their ability to add stealth and longevity to malicious software. This post is a deep dive on "Megatraffer," a veteran Russian hacker who has practically cornered the underground market for malware focused code-signing certificates since …

774748@gmail.com akafitis@gmail.com assurance bear breadcrumbs certificates code code signing certificates constella intelligence cybercriminal domaintools.com featar24 fitis flashpoint glavmed identity intel 471 konstantin evgenievich fetisov malware megatraffer ne'er-do-well news o.r.z. piece prize sign signing software spamit spampage@yandex.ru stealth stolen

Visit resource

More from krebsonsecurity.com / Krebs on Security

Russian FSB Counterintelligence Chief Gets 9 Years in Cybercrime Bribery Scheme 4 days, 22 hours ago | krebsonsecurity.com
alexander kovalev a little sunshine artem zaitsev bribe +28
Who Stole 3.6M Tax Records from South Carolina? 1 week, 4 days ago | krebsonsecurity.com
account aleksandr ermakov associated press bank +34
Crickets from Chirp Systems in Smart Lock Key Leak 1 week, 5 days ago | krebsonsecurity.com
a little sunshine august.com can chirp systems +22
Why CISA is Warning CISOs About a Breach at Sisense 2 weeks, 1 day ago | krebsonsecurity.com
agency a little sunshine breach business +28
Twitter’s Clumsy Pivot to X.com Is a Gift to Phishers 2 weeks, 3 days ago | krebsonsecurity.com
april change com domain +15
April’s Patch Tuesday Brings Record Number of Fixes 2 weeks, 3 days ago | krebsonsecurity.com
adobe after effects april azure azure ai +38
Fake Lawsuit Threat Exposes Privnote Phishing Sites 3 weeks, 2 days ago | krebsonsecurity.com
alexandr ermakov a little sunshine andrey sokol breadcrumbs +26
‘The Manipulaters’ Improve Phishing, Still Fail at Opsec 3 weeks, 3 days ago | krebsonsecurity.com
a little sunshine author bluebtcus@gmail.com breadcrumbs +29
Thread Hijacking: Phishes That Prey on Your Curiosity 4 weeks, 1 day ago | krebsonsecurity.com
account adam kidan a little sunshine attacks +22

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

Cybersecurity Engineer

@ Booz Allen Hamilton | USA, VA, Arlington (1550 Crystal Dr Suite 300) non-client
View on infosec-jobs.com

Invoice Compliance Reviewer

@ AC Disaster Consulting | Fort Myers, Florida, United States - Remote
View on infosec-jobs.com

Technical Program Manager II - Compliance

@ Microsoft | Redmond, Washington, United States
View on infosec-jobs.com

Head of U.S. Threat Intelligence / Senior Manager for Threat Intelligence

@ Moonshot | Washington, District of Columbia, United States
View on infosec-jobs.com

Customer Engineer, Security, Public Sector

@ Google | Virginia, USA; Illinois, USA
View on infosec-jobs.com
View more jobs