Pierluigi Paganini September 04, 2016
Fake-Game offers a Phishing-as-a-Service platform to wannabe criminals

Experts from Fortinet discovered a Russian website called Fake-Game the offers a Phishing-as-a-Service platform to anyone. The Phishing attacks are still one of the most effective methods to grab users’ credentials on the web. Experts from Fortinet have discovered a Russian-language site called ‘Fake-Game’ that offers Phishing-as-a-Service. “During our monitoring, we discovered that this same business model is […]

Pierluigi Paganini January 07, 2016
Authors digitally signed Spymel Trojan to evade detection

Zscaler ThreatLabZ detected a new infostealer malware family dubbed Spymel that uses stolen certificates to evade detection. In late December, security experts at Zscaler ThreatLabZ detected a new infostealer malware family dubbed Spymel that uses stolen certificates to evade detection. “ThreatLabZ came across yet another malware family where the authors are using compromised digital certificates to evade detection. The malware family in […]

Pierluigi Paganini November 04, 2015
GovRAT, the malware-signing-as-a-service platform in the underground

Security Experts at InfoArmor discovered GovRAT, a malware-signing-as-a-service platform that is offered to APT groups in the underground. In the past, I have explained why digital certificates are so attractive for crooks and intelligence agencies, one of the most interesting uses is the signature of malware code in order to fool antivirus. Naturally, digital certificates […]