AfterDawn: Tech news

Bit9 hacked, customers targeted with malware

Written by James Delahunty (Google+) @ 10 Feb 2013 10:33 User comments (1)

Bit9 hacked, customers targeted with malware Security firm hacked because it wasn't running its own software.
Bit9, a company that provides security solutions to customers, said it was hacked and a number of its customers were targeted with malware. It admitted that it could have avoided the hack if it had implemented its own software properly on its network.

Bit9 is a "white listing" service provider with customers that range from government agencies to financial firms. White listing protects systems from being attacked by only allowing software from trusted vendors.

The hackers breached a system that Bit9 uses to digital sign its software so that its customers know its safe to run on their systems. They then signed malware using Bit9's digital signature and pushed it out to several of its customers.

"Due to an operational oversight within Bit9, we failed to install our own product on a handful of computers within our network," Chief Executive Patrick Morley wrote.

"As a result, a malicious third party was able to illegally gain temporary access to one of our digital code-signing certificates that they then used to illegitimately sign malware."

In 2011, a similar attack was made against RSA Security, when hackers stole information about its SecurID system. Two months after the breach, the hackers used the information to launch attacks against Lockheed Martin.

Tags: Bit9
Previous Next

Related news

 

1 user comment

110.2.2013 13:01

Now this doesnt shock me at all.

Why most of these so called security firms that store your data dont tell you hi where running windows server 2003 or hi where running the latest windows server version which has been hack bent over a table patched and taken for a ride.

Even as a beta tester i had to test the 30 day trial for windows server 2003 within 5 minutes i had ti activated the timebomb removed replaced the driver cab from a legit version of windows xp pro and installed a service pack done

Comments have been disabled for this article.

Latest news

Plex now available for PS3, PS4 with limitations Plex now available for PS3, PS4 with limitations (17 Dec 2014 22:56)
A little over a month after Plex released an app for the Xbox 360 and Xbox One, the personal media streaming company has released apps for the PS3 and PS4.
U.S. to blame North Korea for Sony Pictures hack U.S. to blame North Korea for Sony Pictures hack (17 Dec 2014 21:52)
According to numerous media outlets, U.S. government officials will announce tomorrow that North Korea was indeed behind the devastating hack on Sony Pictures.
2 user comments
Sony has no plans to ever release 'The Interview' - no DVD, Blu-ray, no VOD, no TV Sony has no plans to ever release 'The Interview' - no DVD, Blu-ray, no VOD, no TV (17 Dec 2014 20:30)
Sony Pictures has now decided against ever releasing 'The Interview' in any form, almost guaranteeing themselves a $100 million loss on the film.
10 user comments
Nearly everyone in Hollywood is outraged by Sony and the movie theater chain's 'act of cowardice' in canceling 'The Interview' Nearly everyone in Hollywood is outraged by Sony and the movie theater chain's 'act of cowardice' in canceling 'The Interview' (17 Dec 2014 20:00)
Following news that all the major U.S. movie theater chains would not be showing 'The Interview,' Sony Pictures announced it was canceling the release of the film, which was slated to open on Christmas in the U.S.
2 user comments
The hackers win: Sony cancels release of 'The Interview' as movie theaters bail The hackers win: Sony cancels release of 'The Interview' as movie theaters bail (17 Dec 2014 19:39)
Just hours after major U.S. theater chains said they would not screen the film following terrorists threats, Sony has canceled the release of 'The Interview,' a comedy in which Seth Rogen and James Franco are sent to North Korea to assassinate Kim Jo
5 user comments

News archive