Adobe Says Its Code Signing Infrastructure Has Been HackedAdobe Says Its Code Signing Infrastructure Has Been Hacked
Compromise means that attackers could create malware that looks like legitimate Adobe software
October 1, 2012
Adobe is warning users that that an internal server with access to its digital certificate code signing infrastructure was hacked by "sophisticated threat actors."
The compromise, which originally took place in early July, allowed malware authors to create at least two malicious files that were digitally signed using a valid Adobe certificate, according to a blog by Adobe security chief Brad Arkin.
"We are proceeding with plans to revoke the certificate and publish updates for existing Adobe software signed using the impacted certificate." Arkin said. "This only affects the Adobe software signed with the impacted certificate that runs on the Windows platform and three Adobe AIR applications that run on both Windows and Macintosh. The revocation does not impact any other Adobe software for Macintosh or other platforms."
The breach would likely be used to create advanced persistent threats, Arkin said.
"Sophisticated threat actors use malicious utilities like the signed samples during highly targeted attacks for privilege escalation and lateral movement within an environment following an initial machine compromise," the blog stated. "As a result, we believe the vast majority of users are not at risk. We have shared the samples via the Microsoft Active Protection Program (MAPP) so that security vendors can detect and block the malicious utilities."
Have a comment on this story? Please click "Add a Comment" below. If you'd like to contact Dark Reading's editors directly, send us a message.
About the Author(s)
You May Also Like
Modern Supply Chain Security: Integrated, Interconnected, and Context-DrivenNov 06, 2023
How to Combat the Latest Cloud Security ThreatsNov 06, 2023
Reducing Cyber Risk in Enterprise Email Systems: It's Not Just Spam and PhishingNov 01, 2023
SecOps & DevSecOps in the CloudNov 06, 2023
What's In Your Cloud?Nov 30, 2023