How to Avoid Signed Malware Hiding in Productivity Apps
How to Spot Signed Malware Disguised as Productivity Apps Most people assume a digitally signed application is safe. That blue checkmark or “signed by” notice in your operating system’s installer dialog suggests the software has been verified and hasn’t been tampered with. But attackers have found a way around that trust. A recent malware campaign, tracked as TamperedChef, uses valid code-signing certificates to make malicious productivity apps look legitimate. Once installed, the software delivers information stealers and remote access trojans (RATs) that can steal passwords, capture screenshots, and give attackers control of your machine. ...