Malware targeting GnuPG/PGP Keyrings
Ingo Klöcker
kloecker at kde.org
Fri Sep 26 21:49:08 CEST 2008
On Thursday 25 September 2008, Robert J. Hansen wrote:
> David Shaw wrote:
> > It seems odd for a malware author to spend time going after such a
> > small "target market". Going after company-wide installs, perhaps?
>
> I would imagine the author thinks people with keyrings are high-value
> targets, who will be putting high-value secrets in encrypted mails.
> But that's just a guess on my part.
I'd say OpenPGP keys used for signing software (e.g. the source code of
GnuPG) are much more valuable than keys used for encrypting messages,
at least, for people who are constantly trying to get other people to
install their malware. Imagine a trojan GnuPG with a valid signature
made with Werner Koch's key.
Regards,
Ingo
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 197 bytes
Desc: This is a digitally signed message part.
URL: </pipermail/attachments/20080926/13ebe01a/attachment.pgp>
More information about the Gnupg-users
mailing list