Hackers used Let's Encrypt certificates for attacks targeted at large Brazilian bank

Fraudsters attacked bank users by finding vulnerabilities in the security system of one of the largest Brazilian banks. Hackers were using Let's Encrypt certificates to create phishing website clones. Just recently, researchers disclosed information in regards to approach which hackers used to find a breach in the protection of Brazilian bank.

Online scammers were able to transfer all of 36 bank domains to fake pages by using SSL certificates issued through Let's Encrypt certification authority. Bank customers were unaware of compromised security and continued to enter their data on phishing pages, not even suspecting that all their personal data transmitted to fraudsters.

The main series of attacks on the Brazilian bank were performed on October 22, 2016. Hackers gain access to all site operations by taking control of 36 domains, corporate mail and DNS.

According to a researcher from Kaspersky Lab, hackers acquired control of all bank domains. Furthermore, fraudsters were able to suspend corporate mail, and as a result, bank was unable to notify their customers about attacks.

The bank suffered from attacks is large: it has more than 5 million customers and $ 25 billion in assets. It has 500 branches in Brazil, United States, Grand Cayman and Argentina.

Investigation conducted by Kaspersky Lab discovered that the bank website was spreading malware to all visitors. Unaware site visitors were downloading zip-archive from the main page, which contained malicious Java file.

Attackers expected to use malicious software to intercept the operations of the victim bank and steal funds from accounts of users of banks in other countries.

The bank eventually returned control over the DNS infrastructure; however, malicious software remains on the visitors' computers.

The main issue concerning all users of the World Wide Web related to free SSL certificates. Fraudsters can easily receive them, and then create phishing web pages protected by an SSL certificate and aimed to steal valuable personal information. Due to this reason, it is very important to always turn to commercial certification authorities, which have well established SSL issuance practice and proven their reliability for a long time.

It is worth noting that Let's Encrypt certificates used for fraudulent activities did not contain the name of the organization. For this reason, all commercial sites are urged to switch to OV / EV SSL certificates, which include the name of the organization, and in regards to EV SSL, shows the green address bar in browsers. You can always buy OV and EV SSL certificates from leading certification authorities in our store. 


LeaderTelecom became a partner of Thuiswinkel

LeaderTelecom, the largest provider of SSL-certificates from the leading certification authorities, became a partner of Thuiswinkel. Partnership with Thuiswinkel is another step towards effective and simple delivery of services to the widest possible audience.

LeaderTelecom is an unique business partner, working according to the principle of one stop shop. The company offers not only SSL-certificates, but also numerous services necessary for effective e-commerce. Among these services are the following:

  • VPS, intended to launch the online stores that require improved performance (fastest Enterprise-level SSD-drives, RAM and high performance CPU);
  • Dedicated servers, load balancers and switches (for large stores);
  • Comodo PCI Scan, which allows to comply with Payment Card Industry (PCI), mandatory for all companies that receive, process and store credit card data;
  • rankingCoach – a simple tool for search engine optimization (SEO) of the website;
  • Dropmysite - convenient cloud site backup, which allows ensure the availability of online store for customers;
  • Web Inspector - a tool for the effective protection of the site from viruses and malware.

In the nearest time on the website will appear announcements of events with the participation the LeaderTelecom. It plans to hold a joint webinar with Thuiswinkel representatives, which will address various aspects of e-commerce security.

About Thuiswinkel is a developed network of digital commerce, enables companies and individual entrepreneurs to quickly and easily offer their products and services. Thuiswinkel known for its trust seal Thuiswinkel Waarborg Keurmerk, which is familiar for more than 90% of customers in the Netherlands.

Thuiswinkel network comprises about 2 100 participants, who offer their services and products online in different market areas: insurance, IT, fashion, travel, home, etc.

Thuiswinkel partners are well-known companies and organizations such as ABN AMRO Bank, AfterPay, Criteo, European Merchant Services, Google Netherlands B.V., iDEAL, Marktplaats B.V., PayPal Nederland B.V. etc.

About LeaderTelecom

LeaderTelecom - a global provider of the SSL-certificates, as well as various solutions for online security, working for over 9 years. Official partner of leading certification authorities, such as Symantec, Thawte, Comodo, GeoTrust, RapidSSL, Entrust. The company has the Symantec Website Security Solutions Specialist status.

The company is a partner of The Hague Security Delta (HSD) - the largest security cluster in Europe, which is cooperating with clusters in the United States, Canada, Singapore and South Africa.

LeaderTelecom clients are large companies such as AfterLogic, APYachting, Comindware, CRMconsult, WAPS etc.


LeaderTelecom B.V.

Tel: +31 20 7640722



Tel: 0318 64 85 75



Notice of the office-working schedule during the Christmas holiday’s season

Dear LeaderTelecom customers, on behalf of all of our employees we warmly congratulate you with a long-awaited happy holidays – Christmas and New Year.

Please kindly note the following working schedule in our office:

  • December 25, 26 – closed;
  • January 1 – closed;

Let all the adversities pass by your house! Prosperity to you and good luck in the upcoming 2017!

Sincerely, LeaderTelecom. 


Users of Barclays Bank’ mobile application have been left without the possibility to pay for purchases due to legacy intermediate SSL-certificate

On a Thanksgiving Day, November 24, 2016 an emergency has occurred. Customers of Barclays Bank, which were users of mobile banking application, were unable to perform any transactions due to pinning the outdated intermediate certificate in the application. Barclays has immediately appealed to Symantec who was a certificate issuer with a request for a new certificate for *, tied to the old intermediate CA.

Symantec stated that it is possible; however, it will require issuing a certificate with the consecutive serial number, which contradicts with CA / B Forum Baseline Requirements Section 7.1. The certificate was issued in the old system, which has been replaced because it supported only issuance of certificates with the sequential serial numbers.

According to the statement from representatives of Barclays, «recent change in intermediate certificate had a negative impact on the Barclays’ SSL-pinning. As a result, the connection to the mobile application for all of our users will fail. The only way to solve this problem requires us to change our iOS and Android application code. It will take several weeks, including security testing, send app to the store, validation and deploy. "

The overall impact of this issue is quite serious and will affect mainly small and medium-sized enterprises, which are the Barclays customers and accepting payments using devices that link to the application.

Several thousands of customers of small and medium-sized businesses, operating mostly in the UK market, will not be able to perform any transactions from 8.30 a.m. 25/11/16 on a "Black Friday" and during the holiday shopping period. This will affect hundreds of thousands of customer's transactions, until the application is updated, and then released again.

Due to the severity of the issue and a potential huge negative impact on customers during a long period of holiday shopping, Symantec issued a new certificate on the evening of November 24 to replace the old one. This certificate has a short period, and published in the CT logs.

Should you require a modern Symantec SSL-certificate, you can always purchase them in our store at competitive prices with no hassle. 


LeaderTelecom has visited the Seaside Matchmaking Cyber Security 2016

LeaderTelecom has visited Cybersecurity Matchmaking Event 2016, which took place on October 14 in Zuiderstrandtheater in The Hague. It was a part of the Dutch government campaign named Alert Online 2016, which aimed at expanding knowledge in the field of cybersecurity.

This event has provided an opportunity to bring together all those who are involved in research initiatives related to cybersecurity such as experts in the field of development, education and innovation. In addition, a number of scientists, students and entrepreneurs attended this event.

A distinctive feature of Cybersecurity Matchmaking Event 2016 was the effective networking, hosted in form of fast business acquaintances, approximately 15 minutes each.

LeaderTelecom has communicated with many prominent figures in a field of cybersecurity. 

By participating in this event, LeaderTelecom had an opportunity to share our knowledge in the field of the SSL-certification, find new partners, receive the latest information related to the worldwide online security and discuss new projects with prominent figures of science and information technologies.

We would like to express our sincere gratitude and appreciation to the organizers and partners of this event for providing this opportunity, which allowed to have an informal discussion in regards to various important topics with the best minds from the world of cybersecurity.