[HIB]Are hackers using Aurora-style attacks to steal software credentials?

Recent Stuxnet malware found by Belorussian antivirus company VirusBlokAda was noteworthy for the shortcut vulnerability it exploited in all versions of Windows, due to be patched today.But the bigger problem for users and the industry may be a remarkable characteristic of two variants of the Stuxnet family: The first was code-signed using the legitimate private key of a legitimate company, Realtek Semiconductor. And then a second variant of the malware was found, also signed by a legitimate company -- this time JMicron Technology.Pierre-Marc Bureau of ESET noted that both Realtek and JMicron have offices in Hsinchu Science Park, Taiwan. I suspect that both companies' private keys were compromised either by an inside job (such as an employee selling it) -- or by sophisticated hacking.

**Hidden Content: To see this hidden content your post count must be 1 or greater.**