Follow
Hackers somehow got their rootkit a Microsoft-issued digital signature: https://www.zdnet.com/article/hackers-somehow-got-their-rootkit-a-microsoft-issued-digital-signature/
"In order to stay safe, we recommend that users only download software from the vendor's website or from trusted resources." ... Um, isn't that why code is signed, victim blamer?
When people don't know even the basic theory of how their own computers work, can you really blame them for not knowing the dangers of risky browsing behavior & how to spot them?
Malware authors exploit owner-user ignorance, & anti-malware vendors encourage that ignorance.