Free HTTPS Tool Let’s Encrypt Abused by Malvertisers
"
Cyber-criminals have been discovered abusing free certificate generation tool Let’s Encrypt to hide malware from security scanners and legitimize malicious sites.
Trend Micro fraud researcher, John Chen, explained in a blog post that his team saw the tool used in a malvertising attack leading Japanese victims to sites hosting the Angler exploit kit, in order to infect them with a banking trojan."