back to article Certificate stolen from Malaysian gov used to sign malware

Researchers have discovered malware circulating in the wild that uses a private signing certificate belonging to the Malaysian government to bypass warnings many operating systems and security software display when end users attempt to run untrusted applications. The stolen certificate belongs to the Malaysian Agricultural …

COMMENTS

This topic is closed for new posts.
  1. Anonymous Coward
    Anonymous Coward

    "quite some time ago."

    So these Malaysian authorities *knew this* yet kept mum and didn't revoke the thing?

    Well, let's see how quickly mozilla, google, and micros~1 summarily drop them from their CA collections.

    1. Bronek Kozicki
      Pint

      Yup, this is most hilarious statement I read in press today.

      The sad part is that we have no choice but *still* keep using PKI.

  2. Mystic Megabyte
    Unhappy

    the internet was nice while it lasted

  3. Destroy All Monsters Silver badge
    Childcatcher

    All the king's horses and all the king's men could certify anything ever again

    So what cert is that?

    If I dump it, will it be back on the next update??

    Will this go on forever???

This topic is closed for new posts.

Other stories you might like