[cryptography] Which CA sells the most malware-signing certs?
I've just done a quick tally of the certs posted to http://www.ccssforum.org/malware-certificates.php, a.k.a. "Digital Certificates Used by Malware". Looks like Verisign (and its sub-brand Thawte) are the malware-authors' CA of choice, selling more certs used to sign malware than all other CAs combined. GeoTrust comes second, and everything below that is in the noise. GoDaddy, the most popular CA, barely rates.

Other CAs who've sold their certs to malware authors include ACNLB, Alpha SSL (which isn't supposed to sell code-signing certificates at all as far as I can tell), Certum, CyberTrust, DigiCert, GeoTrust, GlobalSign, GoDaddy, Thawte, StarField, TrustCenter, VeriSign, and WoSign. Everyone's favourite whipping-boy CAs CNNIC and TurkTrust don't feature at all.

Caveats: These are malware certs submitted by volunteers, so they're not a comprehensive sample. The site tracks malware-signing certs and not criminal-website certs, for which the stats could be quite different.

Peter.
_______________________________________________
cryptography mailing list
cryptography@randombit.net
http://lists.randombit.net/mailman/listinfo/cryptography

----- End forwarded message -----
--
Eugen* Leitl http://leitl.org
______________________________________________________________
ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org
8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE
participants (1)
-
Peter Gutmann