Transferring data from computer to server are exposed to hackers in Dark Web.
According to the Georgia State University and Surrey University, Dark Web has a large market for SSL and Transport Layer Security (TLS) certificates, security technology (https protocol) that protects the transfer of data and information between computers and servers. As the researchers point out, even the most secure data files used for confidential communication between the server and the computers are immediately accessible by hackers.
Networked machines use security keys and SSL and TLS certificates to identify them when they are connected to each other, such as users' user names and passwords to connect to the Internet.
These certificates can now be found on darknet and even include a wide range of crime tools that provide hackers with machine IDs used by themselves to violate websites to track encrypted traffic, attack, and steal sensitive data.
According to David Maimon, Associate Professor at the State University of Georgia, interest has been attributed to the fact that TLS certificates are available in darknet services (eg web design services) that offer hackers direct access to reliable sources of information, Internet. In addition, their sales price was very economical, but included extensive validation certificates and all the necessary documents to create a credible "showcase" of the company without requiring verification information.
In a search on the Dark Web, 2,943 reports were found on SSL and 75 certificates on TLS. In the meantime, only 531 references to ransomware were found.
According to Kevin Bocek, vice president of security and information threat to the computer security company Venafi, "Every organization should be worried about the fact that certificates used to create and maintain online privacy are now sold and used as weapons in the hands of cyber criminals. "