Urgent: Scammers Abusing Let's Encrypt SSL Certificate

Hello Let's Encrypt Community,

I want to draw your attention to a critical issue involving the misuse of Let's Encrypt SSL certificates. Scammers are currently exploiting Let's Encrypt SSL certificates on multiple fraudulent websites, including "https://www.silverback-app.com" and "https://admin.silverback-app.net". These malicious actors have also caused significant harm to individuals, including the theft of cryptocurrencies.

The websites "https://www.silverback-app.com" and "https://admin.silverback-app.net" are masquerading as legitimate platforms and are leveraging Let's Encrypt SSL certificates to deceive unsuspecting users. They are engaged in online scams, putting many people at risk.

I want to emphasize that I have thoroughly documented this fraudulent activity, including threats, insults, and a wide range of misconduct. This evidence is a testament to the seriousness of the situation and the harm it has inflicted on those who have encountered these sites.

This is a plea to the Let's Encrypt community to investigate and take appropriate actions against the abuse of your SSL certificates. It is essential to uphold the reputation and integrity of Let's Encrypt and safeguard users against the activities of these fraudsters.

Moreover, I would like to inform you that these incidents have been reported to the relevant authorities, and steps are being taken to address these issues. We are doing our part to combat online scams and protect those who may fall victim to them.

Please take this matter seriously, as your intervention can prevent further harm and help ensure the safe and secure use of SSL certificates.

Thank you.

2 Likes

Thanks for the report. Our current policy does not allow us to revoke certificates based on the content of websites, including for suspected phishing, malware, fraud, abuse, or otherwise objectionable content.

We recommend reporting such sites to Google Safe Browsing and the Microsoft Smart Screen program, which are able to more effectively protect users. Here are some reporting URLs:

https://safebrowsing.google.com/safebrowsing/report_badware/
https://safebrowsing.google.com/safebrowsing/report_phish/
https://www.microsoft.com/en-us/wdsi/support/report-unsafe-site-guest

If you’d like to read more about our policies and rationale, you can do so here:

8 Likes

No, it's not. Please educate yourself about what a TLS certificate entails and especially what it does not.

Please see:

This topic comes along every now and then and there have been many discussions on it already. Please use the search function of this forum if you want to see what has been discussed previously already.

5 Likes

Thank you for the information and the links provided. I understand the primary role of Let's Encrypt is to provide SSL/TLS certificates for securing websites.

My intention in raising this matter was not to criticize Let's Encrypt but to inform the community about potential misuse of SSL/TLS certificates. I've already reported the issue to relevant authorities as appropriate. I appreciate your clarification on Let's Encrypt's role.

4 Likes

Thank you for your response and the provided information. I understand Let's Encrypt's policy regarding the revocation of certificates. I've already reported the issue to Google Safe Browsing and the Microsoft Smart Screen program, as you suggested. My aim was to raise awareness and ensure that proper authorities are informed. I appreciate your guidance and explanation of your policies.

4 Likes
5 Likes

@suki-abkari, your learning and change of direction here are great. I'm a bit late. :slightly_smiling_face: I posted my "guidepost" topic link above for the benefit of future searchers and to "tag" this topic.

7 Likes

Thank you for your kind response :blush:

I aim to continue learning and contribute to preventing harmful actions. This platform has been incredibly helpful, and I'm eager to explore more valuable content.

5 Likes

Harmful Actions.

Interesting.

I have a friend of 40 years that contacted me yesterday.
"Hey... my domain was hacked... can you un-hack it?"
The critical point in this post is that the domain was his-actual-name.com

He is 80 years old and totally forgot that he let his domain go.

He allowed the domain to lapse in 2017, or so. It was a very popular site.
In 2019 a "group" in Hong Kong acquired the domain name because of its popularity. It is now a porn site.

Is there anything that can be done to fix it... (that is legal) ? Not really.

The real issue is that his name is the domain name and someone or some group is stealing the popularity of the domain to achieve their ends.

Now there should be "trademarks" and "copyrights" and "service-marks" to protect the domain. But there are not.

AND.. there is a LE cert on the domain.

This is totally unfortunate, and there should be a way to mitigate this kind of thing from happening.

He was not happy with my response. But the fact remains...

Trademarks and copyrights and service-marks are important. From the perspective of the Wayback Machine... It doesn't matter.... It is now a porn site. And it will be documented for posterity.

I wish it weren't the case but it is.

RIP

5 Likes

I further suggest doing the following:

1- Determine the IP(s) of the offending website(s).
2- Use https://whois.arin.net to determine who owns those IPs (hosting providers, cloud services, colocation facilities, etc) and get their abuse/security contact information.
3- File a report with the Abuse/Security contacts at those companies, along with relevant documentation.

Hosting and Network providers typically have teams and lawyers dedicated to this and can immediately de-platform a malicious actor.

Due to some intricacies of the SSL Certificate Ecosystem, even if a Certificate were revoked it can take 10 days for browsers to finally be updated and distrust it. The Safe Browsing programs update client systems much faster, but de-platforming these actors at the hosting level is the best solution.

6 Likes
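Steps 1 and 2 of the list above as a script, added here as an example and not part of the original post. It assumes ARIN's RDAP endpoint (the JSON counterpart of the whois.arin.net web lookup) instead of the web form; the sample record, its names and its addresses are constructed.

```python
import ipaddress
import json
import socket
import urllib.request

# ARIN's RDAP service: the JSON counterpart of the whois.arin.net lookup.
RDAP_URL = "https://rdap.arin.net/registry/ip/{ip}"

def resolve_ips(hostname):
    """Step 1: public IPs the reported hostname resolves to (needs DNS)."""
    infos = socket.getaddrinfo(hostname, 443, proto=socket.IPPROTO_TCP)
    ips = {info[4][0] for info in infos}
    return sorted(ip for ip in ips if ipaddress.ip_address(ip).is_global)

def fetch_rdap(ip):
    """Step 2: fetch the registration record for one IP (needs network)."""
    req = urllib.request.Request(RDAP_URL.format(ip=ip),
                                 headers={"Accept": "application/rdap+json"})
    with urllib.request.urlopen(req, timeout=10) as resp:
        return json.load(resp)

def abuse_contacts(record):
    """Collect abuse-role e-mails; they are often nested under the registrant."""
    found = []
    def walk(entities):
        for ent in entities or []:
            if "abuse" in ent.get("roles", []):
                for prop in ent.get("vcardArray", ["vcard", []])[1]:
                    if prop[0] == "email" and prop[3] not in found:
                        found.append(prop[3])
            walk(ent.get("entities"))
    walk(record.get("entities"))
    return found

# Constructed sample record (documentation range 192.0.2.0/24, made-up names).
SAMPLE_RECORD = {
    "name": "EXAMPLE-HOSTING-NET", "startAddress": "192.0.2.0", "endAddress": "192.0.2.255",
    "entities": [{
        "roles": ["registrant"],
        "vcardArray": ["vcard", [["fn", {}, "text", "Example Hosting"]]],
        "entities": [
            {"roles": ["technical"], "vcardArray": ["vcard", [["email", {}, "text", "noc@hosting.example"]]]},
            {"roles": ["abuse"], "vcardArray": ["vcard", [["fn", {}, "text", "Abuse Desk"], ["email", {}, "text", "abuse@hosting.example"]]]},
        ],
    }],
}

if __name__ == "__main__":
    print(SAMPLE_RECORD["name"], abuse_contacts(SAMPLE_RECORD))
```

For a live lookup, pass each address from `resolve_ips(hostname)` to `fetch_rdap` and feed the result to `abuse_contacts`; the addresses returned are where the step 3 report goes.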

I have already taken steps to identify the IPs of the offending websites and started investigating their hosting providers, cloud services and related contacts. While I received information from both NCSC Switzerland and NCSC UK, it is clear that these scammers are persistent and adaptable. Even if one of their web pages is closed, another one is likely to open. In fact, one of them is known to state this explicitly. This highlights collective efforts to address and curb their activities on various platforms. When I say this, I'm not talking about certificates or DNS, or the hosting provider or service providers or whatever it takes to run an application.

I appreciate the information on this platform. Sharing ideas here aims to demystify the technical aspects and make them accessible to a wider audience. It's a reminder that we don't have to be computer engineers to appreciate and use the information we have at our disposal. Such awareness should be considered fundamental.

Thank you @jvanasco :slightly_smiling_face:

5 Likes

Classy, spam in a thread about scam.

4 Likes

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.