Skip to main content
banner image
venafi logo

Attackers Use Fraudulent Certificates to “Hold Up” a Major Brazilian Bank

Attackers Use Fraudulent Certificates to “Hold Up” a Major Brazilian Bank

man robbing a bank with a bank robber's mast
April 7, 2017 | Eva Hanscom

Bank robbers are now using cyber weapons make off with the loot. Kaspersky Labs recently issued a report that revealed a massive cyber attack on a major Brazilian bank. The attack was incredibly pervasive: for five hours last fall, cyber criminals managed to intercept all of the bank’s online banking, mobile, ATM and investment transactions. 

Are fraudulent certificates fooling your customers?
 

We don’t know who was behind this attack, but Kaspersky believes it was orchestrated by a sophisticated cyber crime organization. However, we do know that encryption played a major role in this massive hijack. According to Kaspersky, bad actors transferred the bank's 36 domains to phony websites that used free HTTPS certificates from Let's Encrypt. These sites were presented as legitimate online services and collected the usernames and passwords of customers.

Let’s Encrypt issued certificates to over 21 million websites last year, and many cyber criminals are using these certificates for their own nefarious purposes. This attack in Brazil is just the latest example of the threats fraudulent certificates pose to organizations.

According to Kevin Bocek, chief security strategist for Venafi: “Cybercriminals can now steal money by taking advantage of the one security measure every Internet user has been trained to trust: the green padlock in web browsers. These padlocks are supposed to signify a trusted digital certificate is in use, but now bad actors can obtain them for free.” 


How prevalent are SSL and TLS certificates on the Dark Web? Find out. 
 

Unfortunately, many IT professionals underestimate the threats hiding in their certificates and encrypted traffic. “Security professionals don’t understand the scale and scope of this problem and they don’t have the tools they need to control it,” says Bocek. “This attack is part of a much larger problem that jeopardizes the system of trust behind all digital commerce.”

Bocek recommends organizations embrace security technologies, such as Certificate Transparency and Certificate Reputation, to identify both fraudulent and trusted certificates.

How well do you protect your customers from fraudulent certificates? 


Learn more about machine identity protection. Explore now. 
 

Like this blog? We think you will love this.
image of a person holding a cell phone with the word "malware" and a warning triangle on the screen
Featured Blog

The Enigma of Xhelper

Before we get into the details, here’s what I find puzzling: nobody seems ready

Read More
Subscribe to our Weekly Blog Updates!

Join thousands of other security professionals

Get top blogs delivered to your inbox every week

See Popular Tags

You might also like

CIO Study: Certificate-Related Outages Continue to Plague Organizations
White Paper

CIO Study: Certificate-Related Outages Continue to Plague Organizations

Forrester Consulting Whitepaper: Securing the Enterprise with Machine Identity Protection
Industry Research

Forrester Consulting Whitepaper: Securing the Enterprise with Machine Identity Protection

Machine Identity Protection for Dummies
eBook

Machine Identity Protection for Dummies

About the author

Eva Hanscom
Eva Hanscom

Eva is Public Relations Manager at Venafi. She is passionate about educating the global marketplace about infosec and machine-identity issues, and in 2018 grew Venafi's global coverage by 45%.

Read Posts by Author
get-started-overlay close-overlay cross icon
get-started-overlay close-overlay cross icon
Venafi Risk assessment Form Image

Sign up for Venafi Cloud


Venafi Cloud manages and protects certificates



* Please fill in this field Please enter valid email address
* Please fill in this field Password must be
At least 8 characters long
At least one digit
At last one lowercase letter
At least one uppercase letter
At least one special character
(@%+^!#$?:,(){}[]~`-_)
* Please fill in this field
* Please fill in this field
* Please fill in this field
*

End User License Agreement needs to be viewed and accepted



Already have an account? Login Here

×
get-started-overlay close-overlay cross icon

How can we help you?

Thank you!

Venafi will reach out to you within 24 hours. If you need an immediate answer please use our chat to get a live person.

In the meantime, please explore more of our solutions

Explore Solutions

learn more

Email Us a Question

learn more

Chat With Us

learn more
Chat