Trend Micro is aware of a recent research publication and subsequent articles regarding some findings from a trio of researchers from the University of Maryland, College Park, in which they found a total of 325 signed malware samples that were using either valid or malformed digital signatures.
According to the research, several security vendors – including Trend Micro – failed to detect some of the known malicious samples.
Trend Micro has re-analyzed all of the samples and abusive certificates published by the researchers and can confirm that all of the samples have been added to our Smart Protection Network and are detected by Trend Micro products with a minimum Pattern File of 13.765.00. We are also continuing to research and apply the findings to tune our detection technologies to better proactively detect and stop these types of threats.
Trend Micro highly recommends a layered defense strategy such as Trend Micro Connect Threat Defense that covers the various aspects of today’s complex network environments and provides security professionals a 360-degree view.
In addition, Trend Micro products which utilize advanced behavior detection such as Predicative Machine Learning have proactive protection capabilities against known and unknown threats that may try and utilize some of these methods.