Nasty new malware strain creeps quietly past Windows defenses
Security researchers have identified a new malware campaign that leverages code signing certificates and other techniques to help it avoid detection by antivirus software.
According to a new blog post from Elastic Security, the cybersecurity firm's researchers identified a cluster of malicious activity after reviewing its threat prevention telemetry.
The cybercriminals behind this new campaign are using valid code signing certificates to sign malware to help them remain under the radar of the security community. However, Elastic Security also discovered a new malware loader used in the campaign that it has named Blister. Due to the use of valid code signing certificates and other measures taken to avoid detection, the cybercriminals responsible have been running this new campaign for at least three months.