Microsoft digital certificates that were leaked during the Lapsus$ attack on Nvidia have been used by another ransomware group, called Cuba, to sign malware.
Certificates are used to digitally sign applications, which helps Windows validate that an application is authentic. If these certificates fall into the wrong hands, they can be used to run malicious software with full access to your Windows system.
Earlier this year, a group of hackers known as Lapsus$ stole data from Nvidia's servers in a data breach. They also went after Samsung, Microsoft, Uber, Ubisoft and Vodafone. Later, seven people were questioned by the London Police in relation to the hacks and two were arrested.
The data leaked during those breaches was available online, and digital certificates that were part of the breach have now been spotted in various malware. The Microsoft certificates used by Cuba are from the Nvidia data breach.
The FBI and US Cybersecurity and Infrastructure Security Agency (CISA) have released an advisory about Cuba. The hacking group has more than doubled the count of its attacks and makes a lot of money from ransomware attacks.
Earlier this month, another security leak that left Android smartphones vulnerable made news. In this case, Android digital certificates from multiple partner OEMs were leaked online, potentially allowing bad actors to sign malware so that it appears authentic on Android phones.