Digital Certificates used by Malware


Thanks for the link, it’s interesting information. What would be nice, would be some way to use the information locally.

Thanks for the link. None of the certificates are revoked. Is that a reflection of reality or is the table not complete yet?


Do you have any idea why they are not revoked yet?

I don’t
One should ask relevant certification authority.

Funny thing is verisign, geotrust and thawte are all owned by Symantec. Please check the virus total link to see what Symantec says about these malware, yet their own company still hasn’t revoked it. Mind boggling!!!

Melih, thanks for the information.
People should do more noisy when Symantec is involved… Why don’t they (midia, Internet…) say anything?
First time I’ve read something about live Certificates not revoked by Symantec…

When CIS failed with their 5 certificates there was a panic and everyone was talking about it… now a lot of certificates are stolen and no reaction

People should do more noisy when ANYONE is involved …

Thanks for the correction. You’re fully right. It’s not a matter of anti-Symantec posts but a wide security issue.