Blog | G5 Cyber Security

Java exploit signed with certificate stolen to Bit9

Malware used in a zero-day Java exploit was signed with certificates stolen from a Bit9 security firm that was hit itself by a cyber attack. The malicious code used for the exploits is the same found in the recently attacks at security firm Bit9. Security analysts observed also that once infected the victims, the malware contacted C&C server with IP address 110.173.55.187, exactly the same server used in the attack against Bit9 and described by same security firm in a blog post.”]

Source: https://securityaffairs.co/wordpress/12692/hacking/java-exploit-signed-with-certificate-stolen-to-bit9.html

Exit mobile version