Digital Signatures and Viruses
Digital Signatures are No Guarantee

The theory behind digital signatures is that we can trust files that are digitally signed. In fact, all popular browsers such as IE, Chrome and Firefox use the presence of a signature as a sign that the file is safe. As we discovered, this is far from the truth.

The analysis above looks at which digital-certificate issuers are most often associated with malware. The chart is interactive: if you click the "good" icon in the legend (at the bottom), it removes all the good hashes and leaves just the bad ones, split into those that traditional AV detects and the additional ones that PC Matic detects. The combined bar is the total number of viruses, and there is a clear winner: Verisign appears to be the #1 signer of viruses, followed by Comodo and GoDaddy.

[Interactive chart: Virus Probability by certificate signer. Values preserved from the extraction: 26.5%, 45.4%, 53.3%, 0%, 0%; the signer labels for each bar were not preserved.]
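The per-signer tally behind a chart like the one above, written here as an added example rather than the page's own analysis code: every file hash carries the signer of its certificate and a verdict (clean, flagged by traditional AV, or flagged additionally by a second engine), and the "virus probability" for a signer is the flagged share of all samples that signer has signed. The dataset, signer names used as keys, and the three verdict labels are constructed for this example and are not the page's data; the point the code makes is the one the text makes, that a signer can be overwhelmingly legitimate and still be the top name on the "bad" bar.

```python
from collections import defaultdict

# Constructed sample population (not the page's dataset). Each signer maps to a
# tuple of verdicts, one per signed file:
#   "good"      - not flagged by anything
#   "bad_av"    - flagged by traditional AV
#   "bad_extra" - not flagged by traditional AV, flagged by a second engine
SAMPLE_POPULATION = {
    "Verisign":  ("good",) * 6 + ("bad_av",) * 2 + ("bad_extra",),
    "Comodo":    ("good",) * 3 + ("bad_av",) + ("bad_extra",),
    "GoDaddy":   ("good",) * 2 + ("bad_av",) + ("bad_extra",),
    "Dell":      ("good",) * 2,
    "Microsoft": ("good",) * 3,
}

VERDICTS = ("good", "bad_av", "bad_extra")


def build_records(population):
    """Flatten the population into (hash_placeholder, signer, verdict) rows,
    the shape a hash-reputation feed would give you. Hashes are placeholders."""
    records = []
    for signer, verdicts in population.items():
        for i, verdict in enumerate(verdicts):
            records.append((f"<hash-{signer.lower()}-{i}>", signer, verdict))
    return records


def tally_by_signer(records):
    """Count verdicts per signer; insertion order follows first appearance."""
    counts = defaultdict(lambda: dict.fromkeys(VERDICTS, 0))
    for _hash, signer, verdict in records:
        if verdict not in VERDICTS:
            raise ValueError(f"unknown verdict {verdict!r}")
        counts[signer][verdict] += 1
    return dict(counts)


def bad_only(counts):
    """Equivalent of hiding the 'good' series in the chart legend: keep only
    the two flagged series, plus their combined total, per signer."""
    out = {}
    for signer, c in counts.items():
        combined = c["bad_av"] + c["bad_extra"]
        out[signer] = {"bad_av": c["bad_av"], "bad_extra": c["bad_extra"],
                       "combined": combined}
    return out


def virus_probability(counts):
    """Flagged share of everything a signer signed (combined bad / total).
    A signer with no samples gets 0.0 rather than a division error."""
    probs = {}
    for signer, c in counts.items():
        total = sum(c.values())
        bad = c["bad_av"] + c["bad_extra"]
        probs[signer] = bad / total if total else 0.0
    return probs


def rank_by_combined_bad(counts):
    """Signers ordered by the height of the combined 'bad' bar, highest first.
    sorted() is stable, so ties keep first-appearance order."""
    bad = bad_only(counts)
    return sorted(bad, key=lambda s: bad[s]["combined"], reverse=True)


if __name__ == "__main__":
    counts = tally_by_signer(build_records(SAMPLE_POPULATION))
    probs = virus_probability(counts)
    for signer in rank_by_combined_bad(counts):
        c = counts[signer]
        print(f"{signer:10s} signed={sum(c.values()):2d} "
              f"bad={bad_only(counts)[signer]['combined']:2d} "
              f"virus_probability={probs[signer]:.1%}")
```

Two things the numbers show once you run it: the ranking by the combined bar rewards volume (the signer with the most signed files can top the list while most of its files are clean), and a signer whose probability is 0% in a small sample has simply not been caught yet, which is why a defender treats a valid signature as one signal to weigh alongside hash reputation rather than as a pass.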
Which companies can we trust?

The good news is that the vast majority of programs with a signature from Verisign, Comodo and GoDaddy are not viruses. The bad news is that the small percentage which abuse these companies' digital signatures are difficult to tell apart from the innocent.

Our research shows that only Dell and Microsoft have a clean reputation, although they are two of the smaller players in the market. A needed step in the fight against viruses is for all legitimate companies to be more vigilant about who uses their digital signatures.

So what if the virus writers just don’t sign their viruses? Read more.