Ripping mobility from the clutches of telecom
Symbian Malware – Signed
I saw some random references to something called Sexy View, malware aimed at Nokia devices. I was just going to ignore it, but then I realized it appears to be a signed application. Delicious. If nothing else that should allow the response folks to track down where it came from I would assume. The reports out there are vague so far at best, but I’m hoping at some point something will shed some light on how this came about. I’m assuming something happened like some company got careless (or went out of business and just ignored) their signing key for applications, and some malicious party got hold of it. Very curious about this I am.
| Print article | This entry was posted by miker on February 20, 2009 at 5:06 pm, and is filed under Community, Software, Technology, ThisIsMobility. Follow any responses to this post through RSS 2.0. You can leave a response or trackback from your own site. |
about 1 year ago
It depends on how it was signed. MD5 is broken (i.e. I could copy a signature on an existing executable if it uses a signed MD5 hash).
The Security Now podcast at GRC.com had some information on SSSL certificates! signed by MD5 being forged.