Nation-state hackers based in China recently infected a certificate authority and several government and defense agencies with a potent malware cocktail for burrowing inside a network and stealing sensitive information, researchers said on Tuesday.
The successful compromise of the unnamed certificate authority is potentially serious, because these entities are trusted by browsers and operating systems to certify the identities responsible for a particular server or app. In the event the hackers obtained control of the organization’s infrastructure, they could use it to digitally sign their malware to make it more easily slip past endpoint protections. They might also be able to cryptographically impersonate trusted websites or intercept encrypted data.
