Malware Stealing Digital Certificates Raises Security Concerns
eWeek, By Brian Prince
Two recent examples of malware utilizing digital signatures belonging to legitimate companies have put a spotlight on the question of what to do about it.
Researchers at Trend Micro recently found a variant of the Zeus Trojan that used a certificate belonging to Kaspersky Lab's ZbotKiller product, which ironically is designed to destroy Zeus. Though the certificate was expired, the idea was for the malware to use it to look legitimate.