
Researchers at Recorded Future profiled the only two large sellers of fraudulently acquired “software certificates” in a new report. With prices as low as $299, the illicit certificates can evade some digital defenses on the cheap.

Why it matters: Software certificates are essentially a high-tech way for computers to ask a trusted third party, “hey, have you ever heard of this program?” If that system breaks down, unsuspecting users may end up installing malware without any warning.

  • The details: A criminal can purchase certificates through one of the vendors for between $299 (for a low-end certificate from the antivirus firm Comodo, allowing a program to start building a reputation for not being malicious) and $1,599 (for a certificate from Symantec that has already passed those filters).
  • The nitty-gritty: The vendors both appear to be selling primarily to an Eastern European market through hacker forums.
  • Does it work? It sure seems to. The report found that malware that was caught by eight mostly high-end antivirus programs was caught by only two antivirus programs once the fraudulent certificate was added.
    • “It can effectively be used to obfuscate malware from any antivirus program,” Andrei Barysevich, the researcher behind the report, told Axios.
  • Only two? Recorded Future is a threat intelligence firm that operates like a search engine for the darkest corners of the internet that search engines are unable to access. Their search and consultation with experts only turned up the two major vendors of fake certificates.
