Security firm Kaspersky Lab Thursday said it’s identified a malicious program that appears to make use of a compromised Symantec VeriSign digital certificate issued to Conpavi AG, which is known to work with Swiss government agencies. Kaspersky says it has asked Symantec VeriSign to revoke the compromised certificates.Kaspersky says the malicious program contains what’s being called Trojan-Dropper.Win32.Mediyes. A dropper file is a type of malware commonly used by attackers to seed targeted computers in order to easily drop other malware into it in the future for a wide variety of purposes.SLIDESHOW: A look at China’s cyberwar planningKaspersky Lab researcher Vyacheslav Zakorzhevsky wrote today in a blog that the malicious DLL Trojan.Win32.Mediyes was detected on the computers of about 5,000 users, mainly in Western Europe, including Germany, Switzerland, Sweden, France and Italy. The Mediyes malware has been seen between December 2011 and March 7, 2012 and in all the cases it was signed with a certificate issued for the Swiss company Conpavi, according to the Kaspersky Lab researcher.One main purpose of Trojan.Win32.Mediyes is to help facilitate the interception of web browser requests sent to the Google, Yahoo! And Bing search engines, as the search queries are “used by the criminals to earn money as part of the Search 123 partner program that works on a pay-per-click basis,” writes Zakorzhevsky. The attackers seem to working with a server in Germany. “The malware is clearly aimed at users in Europe,” Zakorzhevsky writes. “This is backed up by other evidence – the certificate from a Swiss company, the server in Germany, and only the requests made on major international search engines being intercepted.”Ellen Messmer is senior editor at Network World, an IDG publication and website, where she covers news and technology trends related to information security.Read more about wide area network in Network World’s Wide Area Network section. Related content news Is China waging a cyber war with Taiwan? Nation-state hacking groups based in China have sharply ramped up cyberattacks against Taiwan this year, according to multiple reports. By Gagandeep Kaur Dec 01, 2023 4 mins Cyberattacks Government news Apple patches info-stealing, zero day bugs in iPads and Macs The vulnerabilities that can allow the leaking of sensitive information and enable arbitrary code execution have had exploitations in the wild. By Shweta Sharma Dec 01, 2023 3 mins Zero-day vulnerability feature The CSO guide to top security conferences Tracking postponements, cancellations, and conferences gone virtual — CSO Online’s calendar of upcoming security conferences makes it easy to find the events that matter the most to you. By CSO Staff Dec 01, 2023 6 mins Technology Industry IT Skills Events news Conti-linked ransomware takes in $107 million in ransoms: Report A ransomware campaign linked to the ostensibly defunct Conti malware group has targeted mostly US businesses, in a costly series of attacks. By Jon Gold Nov 30, 2023 4 mins Ransomware Podcasts Videos Resources Events SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe