Printed from http://www.electronista.com

Adobe reveals details of two-month-old server intrusion

updated 10:04 pm EDT, Thu September 27, 2012

Authentication server penetrated; code signed as Adobe-authentic

Adobe warned today that an internal digital code signing server was hacked by "sophisticated threat actors" focusing on Adobe. The early-July hack led to the compilation of at least two malicious files that were digitally signed and authenticated as genuine Adobe software. The hack gave the attackers the means to build malware that the operating system treats as legitimate Adobe-created software, making it that much harder for security packages to detect and eliminate the threat.

Adobe security chief Brad Arkin noted that "The first malicious utility we received is 'pwdump7 v7.1.' This utility extracts password hashes from the Windows OS and is sometimes used as a single file" linking OpenSSL to Windows.

As an interim measure, Adobe's new signing solution includes an offline human validation step to ensure that everything newly signed is actually Adobe software. "We are in the process of designing and deploying a new, permanent signing solution," Arkin added.

Few details of the actual breach were provided, except that it affected a build server with access to the verification routines. Arkin admitted that the server didn't comply with "Adobe corporate standards for a build server" and said the company is "investigating why our code signing access provisioning process in this case failed to identify these deficiencies."

Adobe claims that no source code was stolen during the intrusion. The impacted certificates will be revoked on October 4, 2012. All code signed by Adobe after July 10, 2012 is impacted by the certificate revocation.



By Electronista Staff