Abusing Code Signing for Profit


Signing a Windows executable file was originally conceived as a mechanism to guarantee the authenticity and integrity of a file published on the internet. Unfortunately, this system is built on a problematic core tenet: Trust.

Malware authors take advantage of this inherited trust model by purchasing certificates directly or via resellers.

This white paper outlines how Chronicle researchers hunted within VirusTotal to gain a deeper understanding of this issue. For this investigation, researchers included only Windows PE executable files, filtered out samples with fewer than 15 aggregate detections, aggressively filtered out grayware files, and calculated the distinct number of samples each signing

Should you download this content your information may be shared with the sponsors indicated above. Please see the privacy policy for Chronicle Security here: https://policies.google.com/privacy. Please see Infosecurity Magazine’s privacy policy for more information.