image credit: Flickr

New Threat Actor Fraudulently Buys Digital Certificates to Spread Malware

September 16, 2019

Researchers have identified a new threat actor that is using impersonation fraud to purchase digital certificates that are then used for the spread of malware.

Security firm ReversingLabs identified a bad actor that deceives certificate authorities into selling them legitimate digital certificates by impersonating company executives, according to a blog post by chief architect and co-founder Tomislav Pericin. Once purchased, the bad actor sells the certificates on the black market for digitally signing malicious files, mainly adware, he said.

Read More on Threat Post