loader gif

Sectigo Revokes Certificates Used to Sign Malware Following Recent Report

Sectigo Revokes Certificates Used to Sign Malware Following Recent Report (Malware and Vulnerabilities)

Sectigo (formerly Comodo CA) says it revoked more than 100 digital certificates following a report from Chronicle that thousands of malware samples found on VirusTotal over the past year were digitally signed by certificates issued by Comodo. Published last week, the report showed that out of a total of 3,815 signed malware samples analyzed, 1,775 used a digital certificate issued by Comodo RSA Code Signing Certificate Authority (CA). Furthermore, 182 certificates the CA issued after it was renamed to Sectigo were used to sign malware as well, Chronicle, the cybersecurity company of Google parent company Alphabet, said. “As a policy, Sectigo revokes certificates used in malware attacks and does not issue them to known malware purveyors," Tim Callan, Sectigo's Senior Fellow, said last week, responding to a SecurityWeek inquiry. According to the CA, the discovered malware samples were signed with 1660 duplicate certificates, 70 expired certificates, 126 previously revoked certificates, and 25 certificates that did not match records of Code Signing certificates from Comodo / Sectigo and are still being investigated.

loader gif