{"id":25769,"date":"2019-03-01T12:30:00","date_gmt":"2019-03-01T12:30:00","guid":{"rendered":"https:\/\/www.darkreading.com\/threat-intelligence\/encryption-offers-safe-haven-for-criminals-and-malware\/d\/d-id\/1334016"},"modified":"2019-03-01T12:30:00","modified_gmt":"2019-03-01T12:30:00","slug":"encryption-offers-safe-haven-for-criminals-and-malware","status":"publish","type":"post","link":"https:\/\/www.threatshub.org\/blog\/encryption-offers-safe-haven-for-criminals-and-malware\/","title":{"rendered":"Encryption Offers Safe Haven for Criminals and Malware"},"content":{"rendered":"<header>\n<\/header>\n<p><span class=\"strong black\">The same encryption that secures private enterprise data also provides security to malware authors and criminal networks.<\/span> <\/p>\n<p class=\"\">The same technology millions depend on to protect personal and confidential information \u2014 and that browsers highlight as crucial for secure browsing \u2014 is being used by threat actors to hide malicious payloads and criminal activity targeting corporations and individuals. And in many cases, organizations aren&#8217;t doing anything to find out precisely what&#8217;s going on inside their encrypted network tunnels.<\/p>\n<p>Those are the conclusions reached in a pair of reports out just ahead of next week&#8217;s RSA Conference, in San Francisco.<\/p>\n<p>Gigamon ATR issued the &#8220;<a href=\"https:\/\/www.gigamon.com\/resources\/resource-library\/book\/eb-most-prolific-malware-2019-atr.html\" target=\"_blank\">July-December 2018 Crimeware Trends Report<\/a>&#8221; with a subtitle promising to tell readers &#8220;How The Most Prolific Malware Traversed Your Network Without Your Knowledge.&#8221; Justin Warner, director of applied threat research at Gigamon, says the &#8220;how&#8221; is wrapped up in a simple statement: &#8220;What we discovered is you can&#8217;t detect that you can&#8217;t see.&#8221;<\/p>\n<p>Criminal use of encryption is the subject of Zscaler ThreatLabz report, &#8220;<a href=\"https:\/\/info.zscaler.com\/whitepaper-ssl-traffic-threats\" target=\"_blank\">Zscaler Cloud Security Insights Report<\/a>.&#8221; &#8220;Everyone knows that the world is going to encrypted tunnels for privacy, but with the advent of free certificate providers, bad guys are able to take advantage, too,&#8221;\u00a0says Deepen Desai, vice president of security research and operations at Zscaler.\u00a0<\/p>\n<p>Gigamon&#8217;s research found that encryption is being used by several &#8220;classic&#8221; malware families, including <a href=\"https:\/\/www.darkreading.com\/attacks-breaches\/emotet-malware-gets-more-aggressive-\/d\/d-id\/1333584\" target=\"_blank\">Emotet<\/a>, <a href=\"https:\/\/www.darkreading.com\/vulnerabilities---threats\/bec-attacks-to-exceed-$9b-in-2018-trend-micro\/d\/d-id\/1330853\" target=\"_blank\">LokiBot<\/a>, and <a href=\"https:\/\/www.darkreading.com\/vulnerabilities---threats\/low-cost-crimeware-kit-gaining-popularity-in-underground-markets\/d\/d-id\/1331638\" target=\"_blank\">TrickBot<\/a>. In fact, according to the Gigamon report, two-thirds of the malware detected in the study period was one of these threee types. The reason these malware families are still being used is simple, Warner says: They remain effective, and developing new malware is expensive.<\/p>\n<p>&#8220;These threats are still succeeding. They&#8217;re still effective. They do a lot of work to evade. They do change up how they look, but, in general, they&#8217;re still using the same malware,&#8221; he explains. &#8220;It is expensive for an adversary to change up their entire operation, but our goal as professionals in the intelligence and research space is to force these threats to take on that cost. That is really how we as an industry will better dismantle them.&#8221;<\/p>\n<p>Zscaler&#8217;s Desai says the three levels of certificate validation \u2014 domain validation, organization validation, and extended validation \u2014 leave room for criminals to obtain certificates for sites that appear legitimate but are not. In domain validation, for example, all individuals have to do is show they are the owner of a particular domain; no checking is done to make sure they have the legal right to the name.<\/p>\n<p>&#8220;Attackers will register a new campaign, do an aggressive spam or malvertising campaign, then move on because the domain ends up in reputation block lists,&#8221; Desai says. According to the Zscaler report, in 74% of the sites that are blocked for security reasons, the certificate is short-term, valid for less than a year.<\/p>\n<p>While free certificate authorities, such as Let&#8217;s Encrypt, were launched to allow legitimate sites to be protected by SSL\/TLS, they have been used by malicious actors, as well, and in huge numbers.\u00a0<\/p>\n<p>Desai is blunt about the consequences.\u00a0&#8220;[As a result], we can no longer tell the users that the presence of a green padlock means you&#8217;re visiting a safe site because the bad guys can get certificates, as well,&#8221; he says.<\/p>\n<p>According to the Zscaler report, 89% of the domains blocked on its networks for security reasons were encrypted with domain-validated certificates. The remaining 11% used organization validated certificates, while no sites employing extended validation certifcates were blocked.<\/p>\n<p>While large enterprises see huge numbers of attacks, Gigamon&#8217;s\u00a0Warner says these visibility-based security issues aren&#8217;t limited to big organizations. &#8220;These threats are not discriminatory \u2014 they&#8217;re targeting businesses of all sizes and across verticals. They aren&#8217;t picking any specific industry, and they aren&#8217;t picking a specific target,&#8221; he says.<\/p>\n<p>The sites being attacked are getting hit by the legacy malware found by Gigamon, as well as an increasing amount of malware injected into the code of the Websites. &#8220;We&#8217;ve seen a lot of JavaScript skimmers injected into the page leveraging encrypted channels,&#8221; Desai says.<\/p>\n<p>At RSA,\u00a0Desai says there will be two paths of discussion regarding these issues: the SSL certification side and traffic inspection. &#8220;On the SSL certificate side, there are more and more organizations moving away from domain verification certificates and going to higher verification, but we&#8217;re still going at a slow pace,&#8221; he says.<\/p>\n<p>Both Warner and Desai say more organizations must be willing to build in processes and technologies to look inside the encrypted tunnels. With no safety in the green padlock, seeing as much as possible seems a necessary step to greater network security.<\/p>\n<p><strong>Related Content:<\/strong><\/p>\n<div readability=\"7.3636363636364\">\n<p><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/img.deusm.com\/darkreading\/MarilynCohodas\/INT19-Logo-HorizDates-3035.png\" alt=\"\" width=\"360\" height=\"48\"\/><\/p>\n<p><strong>Join Dark Reading LIVE for two cybersecurity summits at Interop 2019. Learn from the industry&#8217;s most knowledgeable IT security experts. Check out the <a href=\"https:\/\/www.interop.com\/darkreading\/?_mc=hsad_x_drr_le_tsnr_intplv_x_x-drvplug\" target=\"_blank\">Interop agenda<\/a> here.<\/strong><\/p>\n<\/div>\n<p><span class=\"italic\">Curtis Franklin Jr. is Senior Editor at Dark Reading. In this role he focuses on product and technology coverage for the publication. In addition he works on audio and video programming for Dark Reading and contributes to activities at Interop ITX, Black Hat, INsecurity, and &#8230; <a href=\"https:\/\/www.darkreading.com\/author-bio.asp?author_id=512\">View Full Bio<\/a><\/span> <\/p>\n<p><span class=\"smaller strong red allcaps\">More Insights<\/span><\/p>\n<p> Read More <a href=\"https:\/\/www.darkreading.com\/threat-intelligence\/encryption-offers-safe-haven-for-criminals-and-malware\/d\/d-id\/1334016?_mc=rss_x_drr_edt_aud_dr_x_x-rss-simple\">HERE<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>The same encryption that secures private enterprise data also provides security to malware authors and criminal networks. Read More <a href=\"https:\/\/www.darkreading.com\/threat-intelligence\/encryption-offers-safe-haven-for-criminals-and-malware\/d\/d-id\/1334016?_mc=rss_x_drr_edt_aud_dr_x_x-rss-simple\">HERE<\/a><\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"colormag_page_layout":"default_layout","footnotes":""},"categories":[151],"tags":[],"class_list":["post-25769","post","type-post","status-publish","format-standard","hentry","category-darkreading-ti"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.6 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Encryption Offers Safe Haven for Criminals and Malware 2026 | ThreatsHub Cybersecurity News<\/title>\n<meta name=\"description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.threatshub.org\/blog\/encryption-offers-safe-haven-for-criminals-and-malware\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Encryption Offers Safe Haven for Criminals and Malware 2026 | ThreatsHub Cybersecurity News\" \/>\n<meta property=\"og:description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.threatshub.org\/blog\/encryption-offers-safe-haven-for-criminals-and-malware\/\" \/>\n<meta property=\"og:site_name\" content=\"ThreatsHub Cybersecurity News\" \/>\n<meta property=\"article:published_time\" content=\"2019-03-01T12:30:00+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/img.deusm.com\/darkreading\/MarilynCohodas\/INT19-Logo-HorizDates-3035.png\" \/>\n<meta name=\"author\" content=\"TH Author\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@threatshub\" \/>\n<meta name=\"twitter:site\" content=\"@threatshub\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"TH Author\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"4 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/encryption-offers-safe-haven-for-criminals-and-malware\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/encryption-offers-safe-haven-for-criminals-and-malware\\\/\"},\"author\":{\"name\":\"TH Author\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\"},\"headline\":\"Encryption Offers Safe Haven for Criminals and Malware\",\"datePublished\":\"2019-03-01T12:30:00+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/encryption-offers-safe-haven-for-criminals-and-malware\\\/\"},\"wordCount\":871,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/encryption-offers-safe-haven-for-criminals-and-malware\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/img.deusm.com\\\/darkreading\\\/MarilynCohodas\\\/INT19-Logo-HorizDates-3035.png\",\"articleSection\":[\"DarkReading |TI\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/encryption-offers-safe-haven-for-criminals-and-malware\\\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/encryption-offers-safe-haven-for-criminals-and-malware\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/encryption-offers-safe-haven-for-criminals-and-malware\\\/\",\"name\":\"Encryption Offers Safe Haven for Criminals and Malware 2026 | ThreatsHub Cybersecurity News\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/encryption-offers-safe-haven-for-criminals-and-malware\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/encryption-offers-safe-haven-for-criminals-and-malware\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/img.deusm.com\\\/darkreading\\\/MarilynCohodas\\\/INT19-Logo-HorizDates-3035.png\",\"datePublished\":\"2019-03-01T12:30:00+00:00\",\"description\":\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/encryption-offers-safe-haven-for-criminals-and-malware\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/encryption-offers-safe-haven-for-criminals-and-malware\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/encryption-offers-safe-haven-for-criminals-and-malware\\\/#primaryimage\",\"url\":\"https:\\\/\\\/img.deusm.com\\\/darkreading\\\/MarilynCohodas\\\/INT19-Logo-HorizDates-3035.png\",\"contentUrl\":\"https:\\\/\\\/img.deusm.com\\\/darkreading\\\/MarilynCohodas\\\/INT19-Logo-HorizDates-3035.png\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/encryption-offers-safe-haven-for-criminals-and-malware\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Encryption Offers Safe Haven for Criminals and Malware\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"name\":\"ThreatsHub Cybersecurity News\",\"description\":\"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"alternateName\":\"Threatshub.org\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\",\"name\":\"ThreatsHub.org\",\"alternateName\":\"Threatshub.org\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"width\":432,\"height\":435,\"caption\":\"ThreatsHub.org\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/x.com\\\/threatshub\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\",\"name\":\"TH Author\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"caption\":\"TH Author\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Encryption Offers Safe Haven for Criminals and Malware 2026 | ThreatsHub Cybersecurity News","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.threatshub.org\/blog\/encryption-offers-safe-haven-for-criminals-and-malware\/","og_locale":"en_US","og_type":"article","og_title":"Encryption Offers Safe Haven for Criminals and Malware 2026 | ThreatsHub Cybersecurity News","og_description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","og_url":"https:\/\/www.threatshub.org\/blog\/encryption-offers-safe-haven-for-criminals-and-malware\/","og_site_name":"ThreatsHub Cybersecurity News","article_published_time":"2019-03-01T12:30:00+00:00","og_image":[{"url":"https:\/\/img.deusm.com\/darkreading\/MarilynCohodas\/INT19-Logo-HorizDates-3035.png","type":"","width":"","height":""}],"author":"TH Author","twitter_card":"summary_large_image","twitter_creator":"@threatshub","twitter_site":"@threatshub","twitter_misc":{"Written by":"TH Author","Est. reading time":"4 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.threatshub.org\/blog\/encryption-offers-safe-haven-for-criminals-and-malware\/#article","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/encryption-offers-safe-haven-for-criminals-and-malware\/"},"author":{"name":"TH Author","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476"},"headline":"Encryption Offers Safe Haven for Criminals and Malware","datePublished":"2019-03-01T12:30:00+00:00","mainEntityOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/encryption-offers-safe-haven-for-criminals-and-malware\/"},"wordCount":871,"commentCount":0,"publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/encryption-offers-safe-haven-for-criminals-and-malware\/#primaryimage"},"thumbnailUrl":"https:\/\/img.deusm.com\/darkreading\/MarilynCohodas\/INT19-Logo-HorizDates-3035.png","articleSection":["DarkReading |TI"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/www.threatshub.org\/blog\/encryption-offers-safe-haven-for-criminals-and-malware\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/www.threatshub.org\/blog\/encryption-offers-safe-haven-for-criminals-and-malware\/","url":"https:\/\/www.threatshub.org\/blog\/encryption-offers-safe-haven-for-criminals-and-malware\/","name":"Encryption Offers Safe Haven for Criminals and Malware 2026 | ThreatsHub Cybersecurity News","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/encryption-offers-safe-haven-for-criminals-and-malware\/#primaryimage"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/encryption-offers-safe-haven-for-criminals-and-malware\/#primaryimage"},"thumbnailUrl":"https:\/\/img.deusm.com\/darkreading\/MarilynCohodas\/INT19-Logo-HorizDates-3035.png","datePublished":"2019-03-01T12:30:00+00:00","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","breadcrumb":{"@id":"https:\/\/www.threatshub.org\/blog\/encryption-offers-safe-haven-for-criminals-and-malware\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.threatshub.org\/blog\/encryption-offers-safe-haven-for-criminals-and-malware\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/encryption-offers-safe-haven-for-criminals-and-malware\/#primaryimage","url":"https:\/\/img.deusm.com\/darkreading\/MarilynCohodas\/INT19-Logo-HorizDates-3035.png","contentUrl":"https:\/\/img.deusm.com\/darkreading\/MarilynCohodas\/INT19-Logo-HorizDates-3035.png"},{"@type":"BreadcrumbList","@id":"https:\/\/www.threatshub.org\/blog\/encryption-offers-safe-haven-for-criminals-and-malware\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.threatshub.org\/blog\/"},{"@type":"ListItem","position":2,"name":"Encryption Offers Safe Haven for Criminals and Malware"}]},{"@type":"WebSite","@id":"https:\/\/www.threatshub.org\/blog\/#website","url":"https:\/\/www.threatshub.org\/blog\/","name":"ThreatsHub Cybersecurity News","description":"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform","publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"alternateName":"Threatshub.org","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.threatshub.org\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.threatshub.org\/blog\/#organization","name":"ThreatsHub.org","alternateName":"Threatshub.org","url":"https:\/\/www.threatshub.org\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","width":432,"height":435,"caption":"ThreatsHub.org"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/threatshub"]},{"@type":"Person","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476","name":"TH Author","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","caption":"TH Author"}}]}},"_links":{"self":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/25769","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/comments?post=25769"}],"version-history":[{"count":0,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/25769\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media?parent=25769"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/categories?post=25769"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/tags?post=25769"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}