DigiCert Breached via Social Engineering, Fraudulent EV Code Signing Certificates Issued
Tags: Infrastructure · Enterprise

DigiCert, a global Certificate Authority providing TLS/SSL certificates and PKI management, disclosed a breach resulting from a targeted social engineering attack against its support channel. The attackers compromised internal systems and obtained unauthorized issuance of EV Code Signing certificates, which could be used to sign malware that appears trusted by operating systems. DigiCert is revoking the fraudulent certificates and has implemented additional verification controls.
Technical significance
A CA breach undermines the entire chain of trust for code signing and TLS. EV Code Signing certificates bypass SmartScreen warnings on Windows, meaning signed malware would be trusted by default. This incident highlights that the weakest link in PKI is often human processes (support channels), not cryptographic systems.
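For defenders the immediate question is whether any binary in their estate carries a signature from one of the fraudulently issued certificates. The following PowerShell script is an added example, not code from DigiCert or from the original report: it walks a directory tree, reads each executable's Authenticode signature with `Get-AuthenticodeSignature`, and reports files whose signer thumbprint appears on a revocation list or whose signature no longer validates. The thumbprint values are placeholders; the real values come from DigiCert's revocation notice, which this page does not quote.

```powershell
# Added example (not from the original page or from DigiCert).
# Hunt a directory tree for executables signed by a revoked code signing certificate.
# The thumbprints below are PLACEHOLDERS: replace them with the SHA-1 thumbprints
# DigiCert publishes for the revoked certificates.
$RevokedThumbprints = @(
    'PLACEHOLDER_THUMBPRINT_1',
    'PLACEHOLDER_THUMBPRINT_2'
)

function Find-RevokedSigner {
    param(
        [Parameter(Mandatory)] [string]   $Path,
        [Parameter(Mandatory)] [string[]] $Revoked
    )

    Get-ChildItem -Path $Path -Recurse -File -Include *.exe, *.dll, *.msi, *.sys -ErrorAction SilentlyContinue |
        ForEach-Object {
            $sig = Get-AuthenticodeSignature -FilePath $_.FullName

            # Only signed files are of interest here; unsigned files have no SignerCertificate.
            if ($null -ne $sig.SignerCertificate) {
                $thumb = $sig.SignerCertificate.Thumbprint

                # Two signals: the signer is on the revocation list, or Windows already
                # refuses the signature (e.g. NotTrusted once the CRL/OCSP update has landed).
                if (($Revoked -contains $thumb) -or ($sig.Status -ne 'Valid')) {
                    [pscustomobject]@{
                        File       = $_.FullName
                        Status     = $sig.Status
                        Thumbprint = $thumb
                        Subject    = $sig.SignerCertificate.Subject
                        Issuer     = $sig.SignerCertificate.Issuer
                    }
                }
            }
        }
}

# Usage: scan a program directory and print any matches as a table.
Find-RevokedSigner -Path 'C:\Program Files' -Revoked $RevokedThumbprints | Format-Table -AutoSize
```

Two caveats apply to the `Status` check. Windows honours a revocation only after the endpoint has fetched a fresh CRL or OCSP response for the issuing CA, so a revoked certificate can report `Valid` for some time; and a signature that carries a trusted timestamp made before the revocation's effective date can remain valid by design. The thumbprint comparison does not depend on either, which is why the script keeps it alongside the status check.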