light bulb

Did You Know?



Reply
Posts: 4,353
Topics: 2,711
Kudos: 5,351
Registered: ‎06-12-2013

SSL Black List Aims to Publicize Certificates Associated With Malware

by Dennis Fisher  July 15, 2014

 

Malware and botnet operators are always adapting their tactics, trying to stay a step or two ahead of defensive technologies and techniques. One of the methods many attackers have adopted is using SSL to communicate with the infected machines they control, and a researcher has started a new initiative to track the certificates attackers use in these operations and publish them.

Thew new SSL Black List is a public list of certificates associated with a variety of malicious operations, including botnets, malware campaigns and banking Trojans. The database comprises SHA-1 fingerprints of each certificate as well as the reason why it was included in the database. Right now, the list includes more than 125 certificate fingerprints, many of which are associated with well-known botnets and malware operations such as Shylock, Kins and Zeus.

 

Full Article

Sr. Community Leader