A slightly on-the-nose depiction of malware. Photo: ullstein bild / Getty

Researchers at Recorded Future profiled the only two large sellers of fraudulently acquired “software certificates” in a new report. With prices as low as $299, the illicit certificates can evade some digital defenses on the cheap.

Why it matters: Software certificates are essentially a high-tech way for computers to ask a trusted third party, “hey, have you ever heard of this program?” If that system breaks down, unsuspecting users may end up installing malware without any warning.

  • The details: For between $299 (for a low-end certificate from the antivirus firm Comodo, allowing a program to start building a reputation for not being malicious) and $1,599 (for a certificate from Symantec that already has passed those filters) a criminal can purchase certificates through one of the vendors.
  • The nitty-gritty: The vendors both appear to be selling primarily to a Eastern European market through hacker forums.
  • Does it work? It sure seems to. The report found that malware that was caught by eight mostly high-end antivirus programs was only caught by two antivirus programs after adding the fraudulent certificate.
    • “It can effectively be used to obfuscate malware from any antivirus program,” Andrei Barysevich, the researcher behind the report, told Axios.
  • Only two? Recorded Future is a threat intelligence firm that operates like a search engine for the darkest corners of the internet that search engines are unable to access. Their search and consultation with experts only turned up the two major vendors of fake certificates.

Go deeper

Updated 19 mins ago - Politics & Policy

Coronavirus dashboard

Illustration: Sarah Grillo/Axios

  1. Politics: Ex-FDA chief: Pence campaigning after COVID exposure puts others at risk — Mark Meadows: "We are not going to control the pandemic"
  2. Health: 13 states set single-day coronavirus case records last week — U.S. reports over 80,000 new cases for second consecutive day.
  3. World: Italy tightens restrictions Spain declares new state of emergency.
  4. Media: Fox News president and several hosts advised to quarantine after possible COVID-19 exposure

Amy Coney Barrett's immediate impact

Illustration: Eniola Odetunde/Axios

In her first week on the job, Amy Coney Barrett may be deciding which votes to count in the presidential election. By her third week, she’ll be deciding the fate of the Affordable Care Act.

Where it stands: The Senate votes on Barrett’s nomination tomorrow. If she’s confirmed, Chief Justice John Roberts is expected to swear her in at the Supreme Court within hours, an administration official tells Axios.

Texas Democrats beg Biden to spend now

Photo: Ron Jenkins/Getty Images

The Biden campaign is rebuffing persistent pleas from Texas Democrats to spend at least $10 million in the Lone Star state, several people familiar with the talks tell Axios.

Why it matters: If Texas — which has 38 electoral votes and is steadily getting more blue, but hasn't backed a Democrat for president since 1976 — flipped to the Biden column, it would be game over. But the RealClearPolitics polling average stubbornly hovers at +2.6 for Trump — and Team Biden appears more focused on closer targets.