Microsoft admits to signing rootkit malware in supply-chain fiasco - it communicated with Chinese command-and-control (C2) IPs

"It turns out, the C2 infrastructure belongs to a company classified under "Communist Chinese military" by the US Department of Defense".

One just has to wonder how good Microsoft's checks really are, and seeing this is not open source code that anyone outside Microsoft can easily check, it leaves their users open to abuse.

Question also now is, what other rootkit software like this reports back to other governments? End users just have to trust what they get from an OS provider.

See Microsoft admits to signing rootkit malware in supply-chain fiasco

#technology #security #microsoft

Microsoft has now confirmed signing a malicious driver being distributed within gaming environments. This driver, called "Netfilter," is in fact a rootkit that was observed communicating with Chinese command-and-control IPs.

source https://gadgeteer.co.za/microsoft-admits-signing-rootkit-malware-supply-chain-fiasco-it-communicated-chinese-command-and