New Research Regarding Online Criminal Marketplaces for Certificates

A recent study from researchers at the Andrew Young School of Policy Studies at Georgia State University discusses how online marketplaces feature a steady supply of TLS / SSL certificates from all major public ertificate Authorities (CAs), including Comodo (Sectigo’s old certificate brand name).

We would like to thank the research team for sharing this information. Sectigo is eager to work with researchers like these and others to help reveal criminal activity and create strategies to mitigate its effectiveness without preventing legitimate business from benefiting from public certificates.

Though we have no direct evidence that the advertised certificates are real, valid, current, and unrevoked, we are paying close attention to the information that can be gathered by the team at GSU or other researchers that will help clarify exactly which certificates are being sold on these “dark web” sites and how they’re being used.

While no CA can discern the intention for a requested certificate, we are prepared to revoke any certificate found to be used in fraudulent or unlawful activity, and we encourage anyone with such knowledge to bring it to our attention. Sectigo operates the Sectigo, Comodo, InstantSSL, PositiveSSL, and EntepriseSSL brands.

You can report criminal use of SSL certificates from any of these brands to [email protected].

You can also report criminal use of Code Signing certificates from any of our brands to [email protected].