Hello,
I just saw this : https://twitter.com/BelchSpeak/status/659075998688923649
The image is here : http://i.hizliresim.com/QWVq1k.png
It is not normal, can you prevent this kind of problems guys? What does it mean, I really know nothing about digital signing?
Thank you.
What a pity that is an upatre sample…
I got reply from Rich_S stating it will get revoked back to date of issuance which will invalidate the signature.
What does upatre mean? The Merriam-Webster dictionary does not know it.
It is a malware type.
You can check here : UPATRE - Threat Encyclopedia
and I am sad about it now Comodo has no encyclopedia like this one.
In fact, I did not check that digital signature is in Comodo Trusted Vendor List? Can you please check it for me?
“Time Divers Ltd” = http://i.hizliresim.com/vR600A.jpg
If Comodo TVL trusts the file, then the detection will not work.
This is a small but serious hole in CIS security “Trusted Malwares”
Comodo detected the file : VirusTotal as TrojWare.Win32.Waski.CERT
Time Divers is not on the TVL.
Hello EricJH,
Can you please report this Cryptolocker to Comodo employees?
Comodo is the signer of this malware :-TD :-TD Check file details…
Please inform me about it.
I sent a pm.
I got a pm yesterday that Comodo is on it.
Thanks EricJH!
I connected with Rich_s about this and he asked to submit malware that is signed by Comodo code signing certificate by email. I updated the topic start of Report trusted and whitelisted malware here - 2015 (NO LIVE MALWARE!):
Next time you can submit the malware samples to the mentioned email address for quick processing.
