Hackers compromised servers Adobe

Posted: September 28, 2012 in Security Notices
Tags: , ,

Adobe LogoAdobe has withdrawn part of its certificates and gave information of the incident to anti-virus vendors.

Adobe company announced that unknown hackers compromised the servers that are used for software development companies. As a result, attackers were able to generate their own security certificates and to issue malware products for Adobe.

“After the signature verification We immediately withdrew infrastructure digital signature code and initiated expert investigation in order to determine how they were established signature. We have detected a compromised build server with access to the infrastructure of the code signing, “– said in a notification producer.

The company also said that the incident could affect only those solutions Adobe, whose signatures were created using the compromised certificate and work on Windows, as well as three applications Adobe AIR, which run on Windows and Mac OS X.

During the investigation, it became known that attackers use digital signatures Adobe to distribute malware pwdump7 v7.1. This program retrieves the password hash users of Windows, and is sometimes used as a single file, which is constantly connected to the OpenSSL library libeay32.dll. The researchers discovered another library myGeeksmail.dll, which a signature Adobe, but the evidence for its use of cyber attacks have no employees.

Anti-virus software manufacturers have been notified of the incident, in order to enable them to add Adobe to the compromised certificates threat signatures. Before the advent of the new certificate, which will be held on October 4, Adobe legitimate products will use an intermediate certificate.

The list of products whose work can affect a review of the COA Adobe, is available here.

Notify Adobe’s security of the incident can be found here.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s