HijackLoader Malware Abuses Genuine Code-Signing Certificates

dakshsharma16 @ Blog

HijackLoader Malware Abuses Genuine Code-Signing Certificates - 1d

Read more: cyble.com

HijackLoader malware is being used to distribute LummaStealer. This malware is using stolen code-signing certificates for authentication, allowing it to evade detection by security solutions. This exploitation of genuine certificates highlights the increasing sophistication of cybercriminals and the need for enhanced security measures. It’s crucial to be aware of this technique and adopt robust security practices to mitigate the risk.

References:

harfanglab.io - Genuine Signing Certificates Found Used by HijackLoader - 2d
sra.io - Security Research and Analysis: HijackLoader Malware - 1d
The Hacker News - Researchers Uncover HijackLoader Malware Using Stolen Code-Signing Certificates - 1d
Cyble - Cyble's weekly report on vulnerabilities, including those from Ivanti, Microsoft, Qualcomm, Zimbra, and CUPS - 1d

Classification:

HashTags: #malware #code #signing #cybersecurity #threatintel
Company: HarfangLab
Target: Organizations
Product: HijackLoader
Feature: Code Signing
Type: Malware
Severity: Medium

Flag This

HijackLoader Malware Abuses Genuine Code-Signing Certificates - 1d