Sunday, May 25, 2025
HomeComputer SecurityHackers Purchasing Abused SSL/TLS certificates From Dark Web Markets to Victimize...

Hackers Purchasing Abused SSL/TLS certificates From Dark Web Markets to Victimize their Targets

Published on

SIEM as a Service

Follow Us on Google News

SSL/TLS certificates are the backbones of secure communication, it encrypts the sensitive information that sent across the internet, so that, only the intended recipients can get access to it.

The SSL/TLS certificates provides trust with lock icon and also provides authentication, which makes you to ensure the information has been sent to the correct server.

But the certificates are poorly protected, which allows attackers to abuse them and use it for launching a high-profile attacks.

- Advertisement - Google News

Evidence-based Cybersecurity Research Group published a detailed report on the volumes of SSL/TLS certificates that available for sale on the dark web, including the details on how they are packaged and sold to attackers. The report highlights the emergence of identity-as-a-service on the dark web marketplace.

Threat actors sold the certificates individually as well as packed with other tools that deliver machine-identities-as-a-service to attackers who like to launch a man-in-the-middle attacks, spoof websites, eavesdrop and to steal sensitive data.

Researchers conducted 16 weekly searches across all 60 websites on the Tor network, 17 webpages on I2P. Listings of SSL/TLS certificates found in markets such as Dream Market, Wall Street Market, BlockBooth, Nightmare Market and Galaxy3.

SSL/TLS certificates

The listings shows that the availability of the SSL/TLS certificates is remarkably higher than the number of ransomwares and exploit’s listed.

An ad listing in Wall St. Market shows that the threat actors provide the certificates as well as the services to create the Fraudulent Websites.

SSL/TLS certificates

Another listing in the Dream market went step ahead, mentioning the issuance of SSL certificates and the use of aged domains as key services provided by this vendor. The certificate is sold here for less than €200 including web design services.

SSL/TLS certificates

“SSL/TLS certificates were also mentioned in various tutorials produced by anonymous authors. In addition, we found evidence of the availability of SSL stripping tools in the Dream Market,” reads the report.

EV certificate is designed to be the most trusted one in the market, a vendor named ‘bulkaccounts’ advertise it’s ability to issue EV certificates for U.S. & U.K. companies without any documentation and the cost starts at $1,000. “the vendor promises to provide full documentation for forged companies, including D-U-N-S numbers.”

SSL/TLS certificates

Dark web markets are the ideal place for the criminals to sell various malicious software, login details, financial data at very low cost.

Lest year it was observed that threat actors are offering both code signing certificates and domain name registration accompanying with the SSL certificates.

You can follow us on LinkedinTwitterFacebook for daily Cybersecurity updates also you can take the Best Cybersecurity courses online to keep your self-updated.

Gurubaran
Gurubaran
Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.

Latest articles

Zero-Trust Policy Bypass Enables Exploitation of Vulnerabilities and Manipulation of NHI Secrets

A new project has exposed a critical attack vector that exploits protocol vulnerabilities to...

Threat Actor Sells Burger King Backup System RCE Vulnerability for $4,000

A threat actor known as #LongNight has reportedly put up for sale remote code...

Chinese Nexus Hackers Exploit Ivanti Endpoint Manager Mobile Vulnerability

Ivanti disclosed two critical vulnerabilities, identified as CVE-2025-4427 and CVE-2025-4428, affecting Ivanti Endpoint Manager...

Hackers Target macOS Users with Fake Ledger Apps to Deploy Malware

Hackers are increasingly targeting macOS users with malicious clones of Ledger Live, the popular...

Resilience at Scale

Why Application Security is Non-Negotiable

The resilience of your digital infrastructure directly impacts your ability to scale. And yet, application security remains a critical weak link for most organizations.

Application Security is no longer just a defensive play—it’s the cornerstone of cyber resilience and sustainable growth. In this webinar, Karthik Krishnamoorthy (CTO of Indusface) and Phani Deepak Akella (VP of Marketing – Indusface), will share how AI-powered application security can help organizations build resilience by

Discussion points


Protecting at internet scale using AI and behavioral-based DDoS & bot mitigation.
Autonomously discovering external assets and remediating vulnerabilities within 72 hours, enabling secure, confident scaling.
Ensuring 100% application availability through platforms architected for failure resilience.
Eliminating silos with real-time correlation between attack surface and active threats for rapid, accurate mitigation

More like this

Cobalt Strike 4.11.1 Released With SSL Checkbox Fix

Cobalt Strike has announced the release of version 4.11.1, an out-of-band update addressing several...

Fake Certificate Issued for Alibaba Cloud After SSL.com Validation Trick

A critical vulnerability in SSL.com’s domain validation process allowed unauthorized parties to fraudulently obtain...

Is this Website Safe: How to Check Website Safety – 2025

is this website safe? In this digital world, Check a website is safe is...