'Want My Autograph?': The Use and Abuse of Digital Signatures by Malware

Encryption has always been a part of malware, from basic ROT13 string encoding to multi-layered packing algorithms. However, malware authors have discovered ways to exploit the existing strengths and weaknesses of public key cryptography in addition to their home-grown crypto. With the many layers that make up the Public Key Infrastructure (PKI) - certificate issuance, verification, revocation and all of the protocols and software that go in between - scammers have several weaknesses at their fingertips to abuse the overall system. Cheap SSL certificates with automated issuance procedures facilitate the fast and anonymous set-up of rogue e-commerce sites.