Tech giant Microsoft has now confirmed signing a malicious driver being distributed within gaming environments.
According to BleepingComputer, this driver, called "Netfilter," is a rootkit that was observed communicating with Chinese command-and-control (C2) IPs.
G Data malware analyst Karsten Hahn first took notice of this event last week and was joined by the wider infosec community in tracing and analysing the malicious drivers bearing the seal of Microsoft.
This incident has once again exposed threats to software supply-chain security, except this time it stemmed from a weakness in Microsoft's code-signing process.
Microsoft said it is actively investigating this incident, although thus far, there is no evidence that stolen code-signing certificates were used.
The mishap seems to have resulted from the threat actor following Microsoft's process to submit the malicious Netfilter drivers and managing to acquire the Microsoft-signed binary in a legitimate manner.
"Microsoft is investigating a malicious actor distributing malicious drivers within gaming environments," the company was quoted as saying by the website.
"We have suspended the account and reviewed their submissions for additional signs of malware," said Microsoft yesterday.
According to Microsoft, the threat actor has mainly targeted the gaming sector, specifically in China, with these malicious drivers, and there is no indication that enterprise environments have been affected so far.
--IANS
vc/in
(Only the headline and picture of this report may have been reworked by the Business Standard staff; the rest of the content is auto-generated from a syndicated feed.)