HijackLoader Malware Abuses Genuine Code-Signing Certificates

daksh sharma @ Cyble

HijackLoader Malware Abuses Genuine Code-Signing Certificates - 5d

Read more: cyble.com

HijackLoader malware is being used to distribute LummaStealer. This malware is using stolen code-signing certificates for authentication, allowing it to evade detection by security solutions. This exploitation of genuine certificates highlights the increasing sophistication of cybercriminals and the need for enhanced security measures. It’s crucial to be aware of this technique and adopt robust security practices to mitigate the risk.

References:

harfanglab.io - Genuine Signing Certificates Found Used by HijackLoader - 6d
sra.io - Security Research and Analysis: HijackLoader Malware - 6d
The Hacker News - Researchers Uncover HijackLoader Malware Using Stolen Code-Signing Certificates - 6d
Cyble - Cyble's weekly report on vulnerabilities, including those from Ivanti, Microsoft, Qualcomm, Zimbra, and CUPS - 6d

Classification:

HashTags: malware code signing cybersecurity threatintel
Company: HarfangLab
Target: Organizations
Product: HijackLoader
Feature: Code Signing
Type: Malware
Severity: Medium

This site is an experimental news aggregator using feeds I personally follow. You can reach me using contacts documented at my website here (https://royans.net/) if you have feedback. You can also find Flathis at Mastodon.

FlagThis

HijackLoader Malware Abuses Genuine Code-Signing Certificates - 5d

References:

Classification: