Mozilla and Microsoft have taken action against three of TrustCor’s root certificates, which are now no longer trusted by Firefox and Edge browsers.
The whole thing dates back to earlier this year, when University of Calgary professor Joel Reardon found malicious behavior in a series of Android apps with more than 46 million downloads totaling user data.
The investigation found that the malicious code in the software was developed by Measurement Systems, their SDK contains the malicious code, and that Measurement Systems also has ties to a contractor that does cyber intelligence and intelligence interception work for the US government.
Further investigation also found that the domain names of Measurement Systems and TrustCor were both registered by Vostrom Holdings, and the registration time was only one month apart; Measurement Systems’ spyware SDK is included, and the service actually sends emails in clear text, giving users a full view of their emails and has nothing to do with “encryption”.
While there is currently no evidence that TrustCor violated policies or procedures as a Root Certificate Authority (CA), or that they have mistakenly issued trusted certificates, the findings raise doubts about TrustCor as a publicly trusted Reasonable doubts about the CA’s ability to operate.
Mozilla project manager Kathleen Wilson said:
Concerns about TrustCor have been substantiated, and the risks of TrustCor’s continued membership in the Mozilla Root Program outweigh the benefits to end users.
Because of this, both Mozilla and Microsoft currently include TrustCor on the no longer trust list, with Firefox setting the date of no trust as November 30, 2022, and Microsoft setting the date as November 2022 1 day. Google’s Chrome and Apple’s Safari have yet to take any action, not sure when they will follow up.
Although Chrome and Safari have not followed up for the time being, users can manually delete or choose not to trust the TrustCor certificate in the browser (the above picture takes Safari browser as an example).
#background #root #certificate #authority #suspicious #Firefox #Edge #block #News Fast Delivery