Comodo/Sectigo recalled more than 100 certificates

Sectigo (formed Comodo certification center) claim that company recalled more than 100 digital certificates that attackers used for signing malware codes.

The reason is recent Chronicle report.

Sectigo employees commented on the Chronicle report, insisting that among noted by researchers certificates only 127 were viable at the time of the report. Center of certification recalled them as soon as possible.

“A thank you to security monitoring firm Chronicle for identifying 127 active Code Signing certificates from Comodo / Sectigo used to sign malware incidents. We have revoked these certificates”, — wrote Comodo/Sectigo.

According to the Sertigo specialists, only 10% of certificates, released by Comodo/Sertigo and noted in the Chronicle report, presented a problem.

“Unfortunately, recent press reports suggest the incorrect conclusion that Chronicle reported nearly 2000 such certificates for Comodo / Sectigo. Since this story ran, we have investigated all of the certificates attributed to Comodo/Sectigo. More than 90% of these were expired, previously revoked, or duplicate reports”, — informed Comodo/Sectigo.

It is worth reminding that Chronicle specialists argued that Comodo certification center (currently known as Sertigo) released the greatest number of certificates that use signed malware programs.

Researchers during a year analyzed samples on Virus Total. Compilated by Chronicle data says that among 3815 signed samples of malware programs 1775 used issued by Comodo certification center certificates.

Source: https://sectigo.com/blog

About Trojan Killer

Carry Trojan Killer Portable on your memory stick. Be sure that you’re able to help your PC resist any cyber threats wherever you go.

Check Also

MageCart on the Heroku Cloud Platform

Researchers Found Several MageCart Web Skimmers On Heroku Cloud Platform

Researchers at Malwarebytes reported about finding several MageCart web skimmers on the Heroku cloud platform …

Android Spyware CallerSpy

CallerSpy spyware masks as an Android chat application

Trend Micro experts discovered the malware CallerSpy, which masks as an Android chat application and, …

Leave a Reply