Notice of the office-working schedule during the Christmas holiday’s season

Dear LeaderTelecom customers, on behalf of all of our employees we warmly congratulate you with a long-awaited happy holidays – Christmas and New Year.

Please kindly note the following working schedule in our office:

  • December 25, 26 – closed;
  • January 1 – closed;

Let all the adversities pass by your house! Prosperity to you and good luck in the upcoming 2018!

Sincerely, LeaderTelecom.   


We are now accepting Bitcoins!

We always strive to do everything possible to make our customer service truly comfortable and competitive. Customers are telling us that payment options convenience is really important to them therefore we are excited to announce that we are now accepting payment in Bitcoins!

Beginning from now you can choose to pay for your purchase at LeaderSSL store with Bitcoins, if this digital currency is suitable for you! We hope that this innovative payment option will provide you maximum flexibility in terms of payment convenience.

Bitcoin transactions are highly secure and provide high privacy protection level! All transactions should be verified by the Bitcoin network within 4 hours.

Pay for your LeaderSSL services with Bitcoins! 


Google Chrome developers announced full denial of trust concerning WoSign and Startcom issued certificates

WoSign and StartCom certifying authorities have been repeatedly violating SSL certificates issuing process in the past and now will be completely distrusted in the Chrome browser. This process is currently being implemented, and will be accomplished by the time of Chrome 61 release.

Partial rejection of trust in the certificates issued by WoSign and its subsidiary StartCom was initiated back in Chrome 56. At that time, only reduced restrictive measures were implemented: all certificates issued before October 21 (2016) were recognized as trusted in Chrome. However, it was decided that a confidence level should be narrowed to a list of hosts from the first million by Alexa Rank.

The white list is constantly truncating, and, finally, in the browser Chrome 61, it will be completely removed. This will lead to a complete denial of trust in the certificates issued by WoSign and StartCom (both root and issued by these certification authorities).

On the Chrome Beta this decision should appear at the end of July. It is expected that it will have a “Stable” status by the middle of September.

Site owners who are still using StartCom or WoSign certificates will have urgently change them to the certificates issued by other trusted certification authorities, such as Comodo, Symantec, GeoTrust, etc.

If you have WoSign or StartCom certificates installed, you can always change them to a trusted SSL certificates with no hassle by contacting our store. You will be pleased with our competitive prices and unrivaled level of customer support which will address any emerging issues!


LeaderSSL is now a registered trademark!

LeaderTelecom B.V. has registered a trademark to protect its brand – LeaderSSL. From now on, all SSL certificates from various certification authorities will be sold under newly established LeaderSSL trademark.

Trademark name registration was obtained via EUIPO - The European Union Intellectual Property Office. Trademark protected LeaderSSL brand will help to distinguish LeaderSSL store from various fake sites, protect LeaderSSL brand name and business reputation as well as provide greater coherence between store name and legal LeaderSSL brand owners. Now the URL of the site fully corresponds to the name of the trademark.

Distinctive LeaderSSL trademark reveals new advertising opportunities for our company as LeaderSSL brand will be protected from being used for unauthorized marketing campaings. We highly appreciate our customers and strive to offer the best services possible. We would like to express our sincere thanks for being with us!  


Hackers used Let's Encrypt certificates for attacks targeted at large Brazilian bank

Fraudsters attacked bank users by finding vulnerabilities in the security system of one of the largest Brazilian banks. Hackers were using Let's Encrypt certificates to create phishing website clones. Just recently, researchers disclosed information in regards to approach which hackers used to find a breach in the protection of Brazilian bank.

Online scammers were able to transfer all of 36 bank domains to fake pages by using SSL certificates issued through Let's Encrypt certification authority. Bank customers were unaware of compromised security and continued to enter their data on phishing pages, not even suspecting that all their personal data transmitted to fraudsters.

The main series of attacks on the Brazilian bank were performed on October 22, 2016. Hackers gain access to all site operations by taking control of 36 domains, corporate mail and DNS.

According to a researcher from Kaspersky Lab, hackers acquired control of all bank domains. Furthermore, fraudsters were able to suspend corporate mail, and as a result, bank was unable to notify their customers about attacks.

The bank suffered from attacks is large: it has more than 5 million customers and $ 25 billion in assets. It has 500 branches in Brazil, United States, Grand Cayman and Argentina.

Investigation conducted by Kaspersky Lab discovered that the bank website was spreading malware to all visitors. Unaware site visitors were downloading zip-archive from the main page, which contained malicious Java file.

Attackers expected to use malicious software to intercept the operations of the victim bank and steal funds from accounts of users of banks in other countries.

The bank eventually returned control over the DNS infrastructure; however, malicious software remains on the visitors' computers.

The main issue concerning all users of the World Wide Web related to free SSL certificates. Fraudsters can easily receive them, and then create phishing web pages protected by an SSL certificate and aimed to steal valuable personal information. Due to this reason, it is very important to always turn to commercial certification authorities, which have well established SSL issuance practice and proven their reliability for a long time.

It is worth noting that Let's Encrypt certificates used for fraudulent activities did not contain the name of the organization. For this reason, all commercial sites are urged to switch to OV / EV SSL certificates, which include the name of the organization, and in regards to EV SSL, shows the green address bar in browsers. You can always buy OV and EV SSL certificates from leading certification authorities in our store.