Darknet Vendors Now Sell Counterfeit TLS Certs

  • Change TLS Certificates Regularly for Better Data Security.
  • Counterfeit TLS certificates pose a huge security risk.
  • Fraudulent certificates issued in the name of real services could be used to support phishing scams. Fake certs may also be used to decrypt traffic via a MiTM (man-in-the-middle) attack.

Some malware distributors also use legit certs to sign their malware, which makes it far less likely that security software will detect the code as malicious.

Previously, researchers suspected that many SSL certs were in fact stolen.

Expensive Goods:

Recorded Future found four main vendors of TLS certificates in recent years.

Three remain active, two of which cater to Russian speakers.

The vendors all appear to operate a unique market: Buyers specify what they need, and the vendors obtain the certs, registered fraudulently using legit details.

The counterfeit certs are obtained from a range of legit CAs, including Comodo, Symantec as well as Thawte; all are a part of Symantec Corp.

