Security News > 2023 > February > Emsisoft says hackers are spoofing its certs to breach networks
A hacker is using fake code-signing certificates impersonating cybersecurity firm Emsisoft to target customers using its security products, hoping to bypass their defenses.
In a new security advisory, Emsisoft warned that one of its customers was targeted by hackers using an executable signed by a spoofed Emsisoft certificate.
"We recently observed an incident in which a fake code-signing certificate supposedly belonging to Emsisoft was used in an attempt to obfuscate a targeted attack against one of our customers," said Emsisoft in the security advisory.
Emsisoft says the threat actor likely gained initial access to the compromised device via brute-forcing RDP or using stolen credentials belonging to an employee of the targeted organization.
This MeshCentral executable was signed with a fake Emsisoft certificate claiming to be from "Emsisoft Server Trusted Network CA.".
While Emsisoft did not share details on the executable, BleepingComputer discovered it was named 'smsse.