Bitdefender Discovers Digitally Signed Malware


Bitdefender has released findings on a newly discovered rootkit called FiveSys with a Microsoft-issued digital signature.

The valid digital signature helps attackers bypass security measures such as antimalware and navigate around operating system restrictions on loading third-party modules into the kernel.

Once successfully loaded, FiveSys allows attackers to gain virtually unlimited privilege.

The FiveSys campaign has been active for more than a year, targeting online gamers – likely for credential theft and in-game purchase hijacking.

The certification for the malware has been revoked; however, Bitdefender warns that the group will likely re-emerge, potentially targeting other regions.