Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

Criminals hack Adobe certificate server

Tim Greene | Oct. 1, 2012
Criminals have broken into an Adobe server and provided two pieces of malware with a digital certificate that attest to them being legitimate code.

This is reminiscent of how Microsoft certificate signing was compromised as part of the Flame malware attack. That resulted in Microsoft revamping its certificate service and requiring an encryption upgrade that takes effect Oct. 9.

The malware discovered are known as pwdump7v7.1 and myGeeksmail.dll.

The first extracts password hashes from Windows operating systems. The second is a malicious ISAPI filter. An ISAPI filter is a file that can enhance the functionality of Microsoft's Internet Information Services. These filters can examine and modify data coming into and going out of IIS servers. Details about the two malicious utilities are available here at the official Adobe security advisory.

A spokesperson for Adobe says in an email that it came across the samples from a single source that the company would not name.

 

Previous Page  1  2 

Sign up for CIO Asia eNewsletters.