3

What agency issued a digital signature for the Cryptowall 2.0 ransomware virus?

Is it too early to tell? As far as I know, this is how Microsoft planned to prevent malware, by adding a digital certificate to the BIOS, or to any of the programs that get loaded on a Windows machine.

As far as I know, the malware is smart enough to delete all of the browser history on the day the system is attacked, which makes it impossible (from the desktop at least, maybe not from the router) to figure out what IP it came from.

But a digital certificate is only as good as the company that issues it; if there's human corruption within that company then our data is all doomed.

Who signed Cryptowall 2.0?

1
  • Matters not if the CA did a correct verification or not. The author would have used bogus personal details to make sure that it could not be traced back to him/her.
    – WAR10CK
    Commented Oct 3, 2015 at 17:03

2 Answers

1

It was signed by a certificate of the famous and trusted Comodo company.

One of the interesting aspects is that the variant of the malware discovered by security researchers is apparently signed a few hours before the campaign was launched, with a valid digital certificate from Comodo, which makes it more difficult to detect on the affected system.

(Note that at the start of this October there was a new release of it.)

2
  • I guess they're still looking for it...
    – leeand00
    Commented Oct 18, 2014 at 15:09
  • 1
    @leeand00 It says researchers found that it was first signed by Comodo. With the new release at the start of this October, they certainly changed.
    – user45139
    Commented Oct 18, 2014 at 15:11
8

You are technically wrong when you say "signed the virus". The CA NEVER signs any code. What a CA can do is issue a code-signing certificate. Then the MAKER of the virus signs the code. This means the CA never sees the code, and you can't really blame the CA for issuing a code-signing certificate.

The point of a code-signing certificate is to bind the code to the person who signed it. So if the CA did a correct verification here, and the code-signing certificate was not leaked, then you should have the virus maker's personal details right in front of you, and it should be easy to get him prosecuted and liable for financial loss due to the virus.

0
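The split of roles described in the answer above, as an added example that is not part of the original posts: the CA signs only a subject name and public key, and the certificate holder signs the code. Textbook RSA over small constructed keys stands in for a real X.509 and code-signing stack; the names, key values and certificate layout are assumptions made for this illustration.

```python
import hashlib
import json

E = 65537  # public exponent shared by both toy keys

def make_key(p, q):
    """Textbook RSA key from two primes; returns (modulus, private exponent)."""
    return p * q, pow(E, -1, (p - 1) * (q - 1))

def _digest(data, n):
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % n

def sign(data, n, d):
    return pow(_digest(data, n), d, n)

def verify(data, sig, n):
    return pow(sig, E, n) == _digest(data, n)

# Constructed keys built from Mersenne primes; far too small for real use.
CA_N, CA_D = make_key(2**89 - 1, 2**107 - 1)      # certificate authority
PUB_N, PUB_D = make_key(2**61 - 1, 2**127 - 1)    # certificate holder

def _tbs(body):
    """Canonical bytes of the certificate body, the only thing the CA signs."""
    return json.dumps(body, sort_keys=True).encode()

def issue_certificate(subject, subject_n):
    """CA step: binds a verified name to a public key. No code is an input."""
    body = {"subject": subject, "public_key": subject_n, "usage": "codeSigning"}
    return {"body": body, "ca_signature": sign(_tbs(body), CA_N, CA_D)}

def sign_code(code):
    """Holder step: done with the holder's private key, without the CA."""
    return sign(code, PUB_N, PUB_D)

def check_signed_code(code, code_sig, cert):
    """Verifier step: returns the certified subject name, or None on failure."""
    body = cert["body"]
    if not verify(_tbs(body), cert["ca_signature"], CA_N):
        return None                      # certificate not issued by this CA
    if body["usage"] != "codeSigning":
        return None                      # certificate not meant for code
    if not verify(code, code_sig, body["public_key"]):
        return None                      # code altered or signed by another key
    return body["subject"]

CERT = issue_certificate("Example Publisher (constructed)", PUB_N)

if __name__ == "__main__":
    for program in (b"installer v1", b"some other program"):
        print(program, "->", check_signed_code(program, sign_code(program), CERT))
```

The same certificate validates any program its holder chooses to sign, so a passing check identifies the signer only as far as the CA verified that identity and says nothing about what the code does.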
