It’s no secret that code-signing certificates are a valuable commodity on the dark web. Last year, researchers uncovered what they suspect are e-shops have been set up to sell Microsoft Authenticode certificates to anonymous buyers. A recent study, commissioned by Venafi, found that code-signing certificates sell on the dark web for around $1200 and each one is unique to the buyer.
Why are they so valuable? When malware code is signed by a seemingly valid certificate, it appears to be legitimate and can thereby evade many malware detection techniques. Just a few months ago, we saw an example of how attackers misused code-signing certificates of Taiwanese companies to spread Plead malware.
Venafi senior threat intelligence analyst, Jing Xie, was interviewed by Application Security Week about the challenges of securing code-signing certificates. Watch the video below to learn why there are such distinct differences between the PKI teams providing private keys and the developers who are using them to sign code.
Learn how easily you can secure the code-signing process using a robust platform for machine identity management. Contact us.