SECURITYTHE REGISTER
Microsoft shuts down illegal code-signing operation used by ransomware crims to mask their malware
Microsoft shut down an illegal code-signing operation used by ransomware criminals to mask their malware, seizing websites and taking down hundreds of virtual machines running the service. The operation, called Fox Tempest, abused Microsoft's Artifact Signing code-signing service, selling code-signing certificates to other criminals for thousands of dollars. This allowed ransomware groups to make their malware appear legitimate to Windows and users.
Mentioned