Bit9 hacked and keys used to sign malware

Fri, Feb 8, 2013


Brian Krebs reported today that security firm Bit9 has suffered a breach. Apparently the bad guys got access to Bit9’s code signing certificates. This is bad for many reasons. I’m guessing that this code signing certificate is signed by a trusted CA. This would mean that malware signed with it would “appear” legitimate. What’s worse is that according to reports the Bit9 software will automatically trust anything signed by the Bit9 certificate.

Ruh Roh Shaggy.  This should make the RSA Conference experience very interesting for Bit9.


Print Friendly

This post was written by:

- who has written 187 posts on

Contact the author

Leave a Reply

Bad Behavior has blocked 684 access attempts in the last 7 days.

Rodney's 404 Handler Plugin plugged in.