Skip to content
The Nexus
SECURITYMay 19 · 21:56 UTCTHE REGISTER

Microsoft shuts down illegal code-signing operation used by ransomware crims to mask their malware

Microsoft shut down an illegal code-signing operation used by ransomware criminals to mask their malware, seizing websites and taking down hundreds of virtual machines running the service. The operation, called Fox Tempest, abused Microsoft's Artifact Signing code-signing service, selling code-signing certificates to other criminals for thousands of dollars. This allowed ransomware groups to make their malware appear legitimate to Windows and users.

Nexus surfaces and summarizes. The full story lives at the source.

Mentioned
Spot something wrong with this article?Report a problem →
Forward this