The Latest in IT Security

Symantec Protects Against Files Misusing Adobe Code Signing Certificate

28 Sep 2012

On September 27, Adobe posted a blog post stating that the company is investigating the inappropriate use of an Adobe code signing certificate for the Windows operating system. Symantec is aware of this issue and has added protection to detect any unauthorized file signed by the Adobe certificate in question as Trojan.Abe. We are currently aware of two utilities, totaling three files, that are signed by this certificate and appear to come from one particular source. One is a password dump tool that is publicly available; the other is an ISAPI filter, not publicly available to our knowledge, that redirects Internet traffic on a Web server. Details of the files are listed below:

PwDump7.exe

MD5 hash: 130F7543D2360C40F8703D3898AFAC22

Signature timestamp: Thursday, July 26, 2012 8:44:40 PM PDT (GMT -7:00)

libeay32.dll

MD5 hash: 095AB1CCC827BE2F38620256A620F7A4

Signature timestamp: Thursday, July 26, 2012 8:44:13 PM PDT (GMT -7:00)

myGeeksmail.dll

MD5 hash: 46DB73375F05F09AC78EC3D940F3E61A

Signature timestamp: Wednesday, July 25, 2012 8:48:59 PM (GMT -7:00)

We believe these files are only used in highly targeted attacks and the number of users at risk is extremely small. As stated above, Symantec products protect against any type of file that may have been signed by the certificate. Symantec customers are advised to ensure that their file definitions are up to date.

More details about the incident can be found in Adobe’s security advisory.
