Symantec solutions recently helped detect an attempt to defraud VeriSign into issuing two digital certificates.
Through routine fraud screening procedures, VeriSign discovered that it had issued two digital certificates to an individual who fraudulently claimed to be a representative of Microsoft Corporation.
Digital certificates are used to prove that the data originated from the authorized owner and that it has not been modified. These certificates could be used to digitally sign a program containing malicious code of any type under the name of Microsoft.
“This is a tremendous example of how two Symantec products - Norton AntiVirus and Enterprise Security Manager - can work together to provide a comprehensive solution to a real-time threat,” said Rob Clyde, chief technologist for Symantec’s enterprise solutions division.
“We were pleased to see Symantec work quickly to assemble an antidote to avert this potential vulnerability,” said Mahi de Silva, vice president and general manager of applied trust services at VeriSign. “Working together we were able to diminish the opportunity for an attacker to distribute malicious code.”
Enterprise Security Manager provides vulnerability assessment capabilities on machines that have executed one or both of the fraudulent certificates. The Symantec AntiVirus Research Center developed definitions for anti-virus solutions to detect and prevent the download of these certificates, as well as to scan the existing file system providing real-time protection. This prevents customers from executing code signed with the fraudulent certificates, even if the code is sent via email.
The company is a leading provider of virus protection, vulnerability assessment, intrusion prevention, Internet content and email filtering, remote management technologies and security services. Headquartered in Cupertino, Calif., Symantec has worldwide operations in 36 countries.