McAfee Labs announced that malware signed with legitimate digital certificates, which tricks people into thinking the software comes from reputable vendors, is a rapidly growing threat. McAfee Labs found 1.2 million pieces of new signed malware in the last quarter. Most malware wielding digital signatures makes it past antivirus scans because it is whitelisted.
McAfee’s director of advanced research and threat intelligence, David Marcus, told attendees of McAfee Focus 2013 in Las Vegas that signed malware jumped 136% in 2011 and 393% in 2012, accounting for 6.6% of all malware in 2012, up from only 1.3% of all new malware in 2010. For the first three quarters of this year, signed malware is already up 20% over all of 2012. McAfee also revealed that from 2010 to 2011, signed Android malware shot up by 1,412%.
Symantec showed a 600% increase in attacks on keys and certificates in the first 5 months of this year. In just one month of 2013, Symantec found 800 different malware packages designed to steal keys and certificates.
All this just means, as mentioned in my book, your best defense is still informed, cautious behavior.