Malware now using NVIDIA's stolen code signing certificates
Threat actors are using stolen NVIDIA code signing certificates to sign malware to appear trustworthy and allow malicious drivers to be loaded in Windows. [...]
The Malware tag covers malware families, infrastructure analysis, incident impact, disruption efforts, and defensive guidance to reduce cybersecurity risk.
Search across headline titles and summaries.
Background for this topic.
Malware is software intentionally created or modified to perform unauthorized or harmful actions on a computer, device, or network. The term covers distinct families and functions, including viruses, worms, trojans, spyware, botnet clients, and ransomware; a single sample may combine several capabilities. Its behavior—not its label—determines the security concern: it may execute code, persist, alter or encrypt data, steal credentials, or provide unauthorized remote access.
For practitioners, malware reporting is most useful when it identifies the family or tool conservatively and provides evidence such as affected platforms, samples, infrastructure, or observed behavior. Defenses include promptly patching vulnerable software, restricting execution and privileges, monitoring endpoints and networks, maintaining tested backups, and isolating suspected systems for analysis. Detection should use behavior and verified indicators rather than names alone, since variants change. If malware processes personal or regulated data, investigations should also address privacy, evidence preservation, and applicable reporting obligations.
Threat actors are using stolen NVIDIA code signing certificates to sign malware to appear trustworthy and allow malicious drivers to be loaded in Windows. [...]
The banking trojan tracked as SharkBot has infiltrated the Google Play Store, Android's official and most trusted app store, posing as an antivirus and system cleaner application. [...]
Charities and non-governmental organizations (NGOs) providing critical support in Ukraine are targeted in malware attacks aiming to disrupt their operations and relief efforts seeking to assist those affected by Russia's war. [...]
Threat actors are distributing malware using phishing themes related to the invasion of Ukraine, aiming to infect their targets with remote access trojans (RATs) such as Agent Tesla and Remcos. [...]
BleepingComputer was recently contacted by an alleged "venture capitalist" firm that wanted to invest or purchase our site. However, as we later discovered, this was a malicious campaign designed to install malware that provides remote access to our devices. [...]
The Log4Shell vulnerabilities in the widely used Log4j software are still leveraged by threat actors today to deploy various malware payloads, including recruiting devices into DDoS botnets and for planting cryptominers. [...]
The TeaBot banking trojan was spotted once again in Google Play Store where it posed as a QR code app and spread to more than 10,000 devices. [...]
Newly discovered malware was deployed in destructive attacks against Ukrainian organizations and governmental networks before and after Russia invaded the country on February 24. [...]
Microsoft said that Ukrainian networks were targeted with recently found malware several hours before Russia's invasion of Ukraine on February 24th. [...]
Microsoft said that Ukrainian networks were targeted with newly found malware several hours before Russia's invasion of Ukraine on February 24th. [...]