Networked machines use keys and SSL/TLS certificates to identify and authenticate themselves when connecting to each other, much like humans employ user names and passwords to go online, according to Venafi®, a privately held provider of machine identity protection and sponsor of the research.
When these certificates are sold on the darknet, they are packaged with a wide range of crimeware that delivers machine identities to cybercriminals who use them to spoof websites, eavesdrop on encrypted traffic, perform attacks and steal sensitive data, among other activities.
Availability - Certificates - Darknet - Surprise - Author
Uncovering the widespread availability of these certificates on the darknet was a surprise, according to lead author David Maimon, an associate professor in Georgia State's Andrew Young School of Policy Studies and director of the EBCS. A search of five marketplaces in the darknet for this research uncovered 2,943 mentions for "SSL" and 75 for "TLS." In comparison, there were just 531...
Wake Up To Breaking News!