Stolen government of Malaysia certificate used to sign malicious fake Adobe software update


14 Responses to “Stolen government of Malaysia certificate used to sign malicious fake Adobe software update”

  1. Guest says:

    Caveat Emptor

  2. awjt says:

    Adobe’s updates are a constant barrage of annoyance.

  3. Finnagain says:

    I seal all my devices in carborundum, just to be extra safe.

  4. tyrsalvia says:

    It is not surprising to see this related to a fake Adobe update. Adobe and Skype have recently been the favorite targets of phishers. 

  5. Henry Pootel says:

    I would say that the vast majority of users get those messages asking about certificates and, “Do you trust this certificate?” etc. and just click through in a, “yea yea whatever sure” mentality – just like they do with EULAs.

    • tobergill says:

       Well, the reason for that is that they have absolutely no way to verify that the certificate can be trusted. Many times I’ve had this issue on our corporate network only to be told “yea yea we forgot to pay the bill, don’t worry about that”. If the default action is to say no, what are the ramifications of that?

      • thebelgianpanda says:

        I’ve run into that waaay too many times, and it trains users to not have any suspicion at all.  It’s pretty infuriating.

  6. Holy Moly! That’s from my country!

  7. chgoliz says:

    Of course I read this 20 minutes after my daughter dutifully checked with me before downloading the Adobe update that popped up on her screen.

  8. journey46 says:

    does this indict a member of the government of malaysia or adobe ?
    or is it yet another case of 24 hr sensationalism?

    i love my photoshop 5 and illustrator 7, which still work very well in vista and acrobat’s free pdf’s and quicktime but they piss me off when they jump into my msconfig and add start up crap with every update.

    still, i find them galaxies away from hp and apple in proprietary incursions and so i question their involvement in this, if it is, fascist crappola.

    boing boing needs to support OCCUPY by publishing the whole truth or state it as such.

    p.t. barnum needs to be continually spinning in his grave.

    my opinion, not boing boing’s.

  9. thebelgianpanda says:

    Check this out–revocation lists (the method of getting rid of compromised certificates) are generally OS wide, except for a couple of vendors.  I’m looking at YOU, Adobe!  Yes, not only do you need an OS update to revoke compromised certs, you need application specific updates as well.

  10. ok, how to deal with this ?

  11. Spriggan_Prime says:

    “We need to save that claymation dude!”

  12. donovan acree says:

    adobe is a company…. Not a piece of software… Anyone have information as to what product(s) this affects?
    My money says it’s Reader. Adobe’s Reader is one of the worst pieces of bug ridden, malware inserting, bloatware on the market. I would not install it on one of my machines.
    However, due to handing out Adobe Acrobat Pro to any government or school stupid enough to use it, using Adobe Acrobat/Reader products has become pretty much a requirement in many businesses. Even if your business doesn’t play the Adobe game, your clients will inevitably send you a PDF that can only be read by an Adobe product due to Adobe adding unneeded functionality to Acrobat for that very purpose.
    One more thought. Why are governments considered trusted signing authorities? They have political agendas that directly conflict with the basic idea of a trusted signer. That’s the same as thinking your government has your best interests at heart.
