Image: NVIDIA

The fallout from NVIDIA’s cyber attack continues. In addition to email addresses and password hashes and DLSS source code, bad actors are now using stolen data to create malware, which has already been released online. NVIDIA code-signing certificates allow their software to bypass Windows security measures. Researchers have spotted multiple trojans in the wild using the stolen certificates.

Digitally signed certificates prevent threat actors from installing malware on a PC, so preventing software with them is a tricky thing. Malware can be masked as updates or drivers, making it difficult to spot. All hope is not lost, though, as David Weston (Director of Enterprise and OS security at Microsoft) has posted a means for administrators to tighten up security measures. With Windows Defender Application Control policies (WDAC), a user can control which drivers are loaded.

Configuring custom policies and rule sets is not easy for the average user. If done incorrectly, things could be made worse. It is hoped that NVIDIA and Microsoft will collaborate for an easier solution.

Those more adept at software can identify potential malware by looking for serial numbers. Security researchers Kevin Beaumont and Will Dormann found that the stolen certificates contain the following serial numbers.

43BB437D609866286DD839E1D00309F5
14781bc862e8dc503a559346f5dcc518

Source: Bleeping Computer

Don’t Miss Out on More FPS Review Content!

Our weekly newsletter includes a recap of our reviews and a run down of the most popular tech news that we published.

Peter Brosdahl

As a child of the 70’s I was part of the many who became enthralled by the video arcade invasion of the 1980’s. Saving money from various odd jobs I purchased my first computer from a friend of my...

Leave a comment