Threat Actors Use Abnormal Certificates to Deliver Info-stealing Malware

Cybersecurity researchers at ASEC have discovered malicious actors exploiting abnormal certificates to deploy information-stealing malware. These certificates can mislead users into trusting harmful websites or software leading to data breaches or malware infections. Two distinct malware types, LummaC2 and RecoreBreaker, have been distributed. The malware can expose sensitive information like browser accounts and cryptocurrency wallets and can install additional malicious code resulting in continuous damage.