It’s frightening what criminals can buy on the dark web. But it’s even scarier that they may be buying your own security certificates to use against you. Venafi recently sponsored a six-month investigation into the sale of digital code signing certificates on the dark web. Conducted with the Cyber Security Research Institute (CSRI), our research revealed that not only are code signing certificates readily available for purchase on the dark web, they are selling for up to $1,200.
Freaky fact: this makes code signing certificates more expensive than the counterfeit U.S. passports, stolen credit cards and the handguns nefarious actors can also purchase on the dark web.
![SSL/TLS Certificates and Their Prevalence on the Dark Web](/_next/image/?url=https%3A%2F%2Fcdn.venafi.com%2F994513b8-133f-0003-9fb3-9cbe4b61ffeb%2F82aa2ade-d203-4e3b-a006-a0afe7003249%2Faid_field_img__751ef5e77f0f901147bc067d97559226.png%3Fw%3D650%26h%3D400%26fm%3Dwebp%26q%3D50%26fit%3Dcrop&w=1920&q=75&dpl=dpl_7ZL7jWH6fkBFTqu9RkhpXSqXj1yS)
SSL/TLS Certificates and Their Prevalence on the Dark Web
Spooked enough to learn more about our investigation? Check out the infographic below. Forewarning, the results are scary!
![infographic-Dark Web.jpg](https://cdn.venafi.com/994513b8-133f-0003-9fb3-9cbe4b61ffeb/e0e3775a-8688-4e39-b752-206c85efb05b/aid_inline_img__f10f716d8feb972fc93f1e8071c1bd90.jpg?fm=webp&q=85)
“Our research proves that code signing certificates are lucrative targets for cyber criminals,” said Kevin Bocek, chief security strategist for Venafi. “With stolen code signing certificates, it’s nearly impossible for organizations to detect malicious software. In addition, code signing certificates can be sold many times over before their value begins to diminish, making them huge money makers for hackers and dark web merchants. All of this is fuelling the demand for stolen code signing certificates.”
Are you protecting your certificates from the dark web?
![Code Signing Machine Identity Management for Dummies](/_next/image/?url=https%3A%2F%2Fcdn.venafi.com%2F994513b8-133f-0003-9fb3-9cbe4b61ffeb%2F54428261-0939-482b-a3d2-09d42b495c92%2Faid_field_img__8a5a8819754104e57a5e77ae4f623817.png%3Fw%3D650%26h%3D400%26fm%3Dwebp%26q%3D50%26fit%3Dcrop&w=1920&q=75&dpl=dpl_7ZL7jWH6fkBFTqu9RkhpXSqXj1yS)
Code Signing Machine Identity Management for Dummies
![Summit 2024 Teaser Photo](/_next/image/?url=https%3A%2F%2Fcdn.venafi.com%2F994513b8-133f-0003-9fb3-9cbe4b61ffeb%2Fb0cc7f7a-6bd7-4fd6-be85-5ff0157186b3%2Fsummit-promo.jpg&w=3840&q=75&dpl=dpl_7ZL7jWH6fkBFTqu9RkhpXSqXj1yS)
2024 Machine Identity Management Summit
Help us forge a new era of cybersecurity
Looking to vulcanize your security with an identity-first strategy? Register today and save up to $100 with exclusive deals. But hurry, this sale won't last!