Microsoft on Tuesday disclosed it took steps to suspend accounts that were used to publish malicious drivers that were certified by its Windows Hardware Developer Program were used to sign malware.
The tech giant said its investigation revealed the activity was restricted to a number of developer program accounts and that no further compromise was detected.
Cryptographically signing malware is concerning not least because it not only undermines a key security mechanism but also allows threat actors to subvert traditional detection methods and infiltrate target networks to perform highly privileged operations.
