Security researchers have discovered yet another cyber-attack campaign using stolen certificates to circumvent traditional security tools.
The tactic was being used to launch a remotely controlled backdoor dubbed Plead and a related password stealer, according to Eset senior malware researcher, Anton Cherepanov. Plead was spotted last year being used by a group known as BlackTech to compromise targets in East Asia including Hong Kong, Japan and Taiwan, and as such could be a Beijing-backed venture.

The link for this article located at InfoSecurity is no longer available.