Lethic botnet

zScaler: Resurgent Lethic using Stuxnet Tricks

Newly detected versions of the Lethic botnet are digitally signed using stolen credentials similar to those used by the Stuxnet worm, according to a blog post from Web security firm zScaler. 

In a blog post Wednesday, zScaler Senior Security Researcher Mike Geide said the company had intercepted new Lethic variants that were signed using legitimate digital signatures belonging to Taiwanese semiconductor firm Realtek Semiconductor Corp. That’s one of two firms whose credentials were used to help the Stuxnet worm fool detection systems and install itself on target systems.

Subscribe to our newsletter, Threatpost Today!

Get the latest breaking news delivered daily to your inbox.