June 15, 2015
A deeper look into the latest version of malware known as Duqu shows it used digital certificates from prominent contract manufacturer Foxconn Technology Group to help mask its activity.
Kaspersky Lab, which published a report on Duqu 2.0 last week, wrote in a blog post Monday that a 64-bit driver within the malware employed a digital certificate signed by Hon Hai Precision Industry, also known as Foxconn.
Digital certificates are used for encrypting data and verifying the legitimacy of websites and applications. Using a digital certificate issued to a trusted organization makes it less likely that an application is going to be detected as harmful.
Companies and organizations usually employ high protections to prevent their digital certificates from falling into the hands of attackers. Occasionally, they’re stolen and need to be revoked if it’s discovered certificates have been fraudulently used.