Dark Web Research: Illicit Code Signing Certificates More Valuable Than Passports and Handguns

Venafi and Cyber Security Research Institute uncover flourishing trade in code signing certificates

SALT LAKE CITY--()--Venafi®, the leading provider of machine identity protection, today announced the findings of a six-month investigation into the sale of digital code signing certificates on the dark web.

Conducted on behalf of Venafi by the Cyber Security Research Institute (CSRI), the research uncovered code signing certificates readily available for purchase on the dark web, selling for up to $1,200 – making them more expensive than counterfeit U.S. passports, stolen credit cards and even handguns.

“We’ve known for a number of years that cyber criminals actively seek code signing certificates to distribute malware through computers,” said Peter Warren, chairman of the CSRI. “The proof that there is now a significant criminal market for certificates throws our whole authentication system for the internet into doubt and points to an urgent need for the deployment of technology systems to counter the misuse of digital certificates.”

Code signing certificates are used to verify the authenticity and integrity of computer applications and software and make up a vital element of internet and enterprise security. However, cybercriminals can take advantage of compromised code signing certificates to install malware on enterprise networks and consumer devices.

“Our research proves that code signing certificates are lucrative targets for cyber criminals,” said Kevin Bocek, chief security strategist for Venafi. “With stolen code signing certificates, it’s nearly impossible for organizations to detect malicious software. Any cyber criminal can use them to make malware, ransomware, and even kinetic attacks trusted and effective. In addition, code signing certificates can be sold many times over before their value begins to diminish, making them huge money makers for hackers and dark web merchants. All of this is fuelling the demand for stolen code signing certificates.”

Warren added: “Although our research uncovered a thriving trade in code signing certificates, we were only able to scratch the surface of this market. In an ironic twist, our researchers were often limited from delving further as dark web traders didn’t trust them. We suspect that TLS, VPN, and SSH key and certificate trading is also rife, alongside the trade in code signing certificates we uncovered.”

Additional Resources:

Blog: Dark Web Research: How Much Will Criminals Pay for Your Certificates?

Infographic: Digital Certificates on the Dark Web

About the research:

The six-month investigation was carried out by the CSRI in partnership with the Cyber Security Centre at the University of Hertfordshire, dark web specialists Flashpoint and a team of freelance researchers. It was sponsored by Venafi, the leading provider of machine identity protection.

About the CSRI:

The Cyber Security Research Institute is a research centre specialising in studying the risks in the world of technology and the impact that these have on a world now completely dependent on technology. It provides information on issues ranging from cyber sabotage and cyber espionage to data awareness and computer crime, to increased awareness of the latest threats and weaknesses in the technology that we all rely on.

About Venafi

Venafi is the cybersecurity market leader in machine identity protection, securing machine-to-machine connections and communications. Venafi protects machine identity types by orchestrating cryptographic keys and digital certificates for SSL/TLS, IoT, mobile and SSH. Venafi provides global visibility of machine identities and the risks associated with them for the extended enterprise—on premises, mobile, virtual, cloud and IoT — at machine speed and scale. Venafi puts this intelligence into action with automated remediation that reduces the security and availability risks connected with weak or compromised machine identities while safeguarding the flow of information to trusted machines and preventing communication with machines that are not trusted.

With 31 patents currently in its portfolio, Venafi delivers innovative solutions for the world's most demanding, security-conscious Global 2000 organizations. Venafi is backed by top-tier investors, including Foundation Capital, Intel Capital, Origin Partners, Pelion Venture Partners, QuestMark Partners, Mercato Partners and NextEquity. For more information, visit www.venafi.com.

Contacts

Venafi
Shelley Boose, 408-398-6987
shelley.boose@venafi.com

Release Summary

Venafi and Cyber Security Research Institute uncover flourishing trade in code signing certificates

Contacts

Venafi
Shelley Boose, 408-398-6987
shelley.boose@venafi.com