Malformed code signatures are treated as valid by Windows but are not able to be decoded or checked by OpenSSL code. The new mechanism was observed to be exploited by a notorious family of unwanted software that’s used to download and install other suspicious programs on compromised systems. Most targets of the campaign are users located in the U.S. who are prone to downloading cracked versions of games and other grey-area software. The findings come from a set of OpenSUpdater samples uploaded to VirusTotal at least since mid-August.”]
Source: https://thehackernews.com/2021/09/google-warns-of-new-way-hackers-can.html