PDA

View Full Version : Code signing problem



worker17
2011-03-23, 17:12
I am experiencing a strange problem, and am trying to clear out all possibilities to determine the error. I develop programs with Delphi 7 under Windows XP. I am running Spybot / Teatimer as well.

Until recently, the system has been OK. I use a certificate from Comodo to sign my applications, which is still valid and current. Before signing the programs, they run correctly, without problem. When I sign the EXE file, though, when I try to execute the program, a message box comes up saying:

This program is cracked.
The application will be terminated.
OK

And all I can do is click the OK button. I have searched the internet but found no relevent information about this. I have scanned my system with AV and SB programs, and found no infections or threats. I have searched my programming directories and found no file with the text from the message box in the components.

Has anyone experienced this problem or seen something similar?

Is this a message from Teatimer?

Thanks for your help.

Gopher John
2011-03-24, 00:05
This episode makes Comodo certs suspect to many people. I don't know if this is your particular problem.

Microsoft Advisory about fraudulent SSL Certificates (http://isc.sans.edu/diary/Microsoft+Advisory+about+fraudulent+SSL+Certificates/10600)

Microsoft Security Advisory (2524375) (http://www.microsoft.com/technet/security/advisory/2524375.mspx)

The Recent RA Compromise (http://blogs.comodo.com/it-security/data-security/the-recent-ca-compromise/)


Finally Comodo spoke up to let us know more about the certificate issue we have been covering this morning with Firefox and Microsoft releasing "certificate black list" updates. [1]

Comodo states that none of the keys and signing/intermediate CAs were compromised. Instead, systems at an affiliate were compromised to trick the affiliate into signing fraudulent certificates. The attacker obtained username and password to log into the partners systems, and was thus able to to issue the fraudulent certificates.

According to Comodo, the breach was discovered quickly and they are pretty sure that the attacker only issued the now blacklisted certificates.

Firefox 3 Updates and SSL Blacklist extension (http://isc.sans.edu/diary/Firefox+3+Updates+and+SSL+Blacklist+extension/10597)