Microsoft Disrupts Code‑Signing Service Used to Distribute Malware

Colleagues, a cybersecurity alert: Microsoft took down a Malware‑Signing‑as‑a‑Service that abused Artifact Signing to sign malicious binaries.
Who/What: Microsoft attributes the takedown to Fox Tempest. Operators obtained short‑lived certificates (72 h) and sold the service for $5–9k.
Impact: The service facilitated distribution of Rhysida, Oyster, Lumma Stealer and Vidar; affected sectors include healthcare, education, government and finance.
OpFauxSign: Authorities seized signspace.cloud, shut down VMs and disabled code; operators migrated to preconfigured VMs.
Why it matters: Falsified signing undermines software trust and simplifies ransomware delivery.
How do you assess the risk to your organization?
#cybersecurity #ransomware #codesigning #cloudsecurity


Latest comments
No comments yet.