Malware Developers Bypass Windows Security with OpenSUpdater

OpenSUpdater report from Google alerts Microsoft

A report from the tech giant’s Threat Analysis Group (TAG) was published on The Digital Hacker Thursday. The issue was discovered by Google TAG researcher Neel Mehta.

“Since mid-August, OpenSUpdater samples have carried an invalid signature, and further investigation showed this was a deliberate attempt to evade detection,” Mehta explains.

“Security products using OpenSSL to extract signature information will reject this encoding as invalid.

“However, to a parser that permits these encodings, the digital signature of the binary will otherwise appear legitimate and valid.”

Since Google TAG first discovered this technique, OpenSUpdater developers have tried other variations on invalid encodings to make it even harder to detect, Mehta added.
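
The disagreement Mehta describes, where a strict parser rejects an encoding that a permissive one accepts, is itself something a defender can flag. The Python sketch below is an added example, not code from Google TAG or the report; the article does not name the encoding the samples used, so it checks one general DER rule (lengths must use the shortest form) on constructed bytes.

```python
# Added illustration; the sample bytes are constructed, not taken from any malware sample.

def parse(buf, pos=0, end=None):
    """Leniently walk ASN.1 TLVs; return (leaf values, DER rule violations)."""
    end = len(buf) if end is None else end
    leaves, violations = [], []
    while pos < end:
        start = pos
        if pos + 2 > end:
            raise ValueError("truncated header")
        tag, first = buf[pos], buf[pos + 1]
        pos += 2
        if (tag & 0x1F) == 0x1F or first == 0x80:
            raise ValueError("form not handled by this sketch")
        if first < 0x80:                      # short form: the octet is the length
            length = first
        else:                                 # long form: next n octets hold the length
            n = first & 0x7F
            if pos + n > end:
                raise ValueError("truncated length")
            raw = buf[pos:pos + n]
            length = int.from_bytes(raw, "big")
            pos += n
            # DER requires the shortest possible length encoding.
            if raw[0] == 0 or length < 0x80:
                violations.append(f"offset {start}: non-minimal length")
        if pos + length > end:
            raise ValueError("value overruns container")
        if tag & 0x20:                        # constructed type: descend into it
            sub_leaves, sub_violations = parse(buf, pos, pos + length)
            leaves += sub_leaves
            violations += sub_violations
        else:
            leaves.append((tag, bytes(buf[pos:pos + length])))
        pos += length
    return leaves, violations

def classify(buf):
    """Return 'strict-valid', 'lenient-only' (worth an alert) or 'unparseable'."""
    try:
        _, violations = parse(buf)
    except ValueError:
        return "unparseable"
    return "lenient-only" if violations else "strict-valid"

# Constructed samples: SEQUENCE { OID sha256WithRSAEncryption, NULL }
CLEAN = bytes.fromhex("300d06092a864886f70d01010b0500")
# Same content, but the outer length uses the long form (0x81 0x0d) for a value under 128.
ODD = bytes.fromhex("30810d06092a864886f70d01010b0500")
TRUNCATED = CLEAN[:-3]
```

Both `CLEAN` and `ODD` decode to the same leaf values, which is why a permissive parser sees nothing wrong; only the violation list separates them.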

Microsoft working on a fix

Most of those targeted by OpenSUpdater attacks are U.S.-based users who download cracked games. Financially motivated hackers execute coordinated malware attacks on a large number of devices, Bleeping Computer reports.