Backdoor malware is being spread through fake security certificate alerts


Backdoor and Trojan malware variants are being distributed through a new phishing technique that attempts to lure victims into accepting an “update” to website security certificates. 

Certificate Authorities (CAs) distribute SSL/TLS security certificates for improved security online by providing encryption for communication channels between a browser and server — especially important for domains providing e-commerce services — as well as identity validation, which is intended to instill trust in a domain. 

Read more…