Just came across this page:
http://update-for-pc-1024.com/?dist_id=365&channel=ac_h1gv&v=icrs&c=e7982022e2acb355c97cb18725d4df5e

Which serves 'adobe_flash_setup.exe', which is signed with a COMODO Code Signing certificate of OOO "Finans Servis", proezd Serebryakova 6, 129323 Moscow, Russia. It's also found under different names, see http://www.herdprotect.com/adobe_flash_setup.exe-b6e4cc61a87f6633f5ef683be5525f9686475a4f.aspx .

I think at the very least they violate '1.6. Restrictions. Subscriber shall not:
(i) impersonate or misrepresent Subscriber’s affiliation with any entity,' and also '3. Revocation. Comodo may revoke a Certificate if Comodo believes that:
(xi) the Certificate was issued to publishers of malicious software;
(xii) the Certificate may have been used to digitally sign hostile code, including spyware or other malicious software;' - https://www.comodo.com/repository/docs/code-signing-subscriber-agreement.pdf

But how to report such an issue? I cannot find any security related email address on the Comodo website.
Ok, just got a (signed) message back from Robin Alden (CTO): "This certificate has been revoked.", in the CC was: signedmalwarealert@comodo.com, so that seems to be the (internal) email address.
Sorry to ask, but what have you tried so far to contact them? (assuming they don't read hackernews)

There is a 'contact us' page on comodo.com with email addresses and toll-free phone numbers. More phone numbers on the support page. A live chat on the sales page. Facebook, Twitter, G+ accounts are linked.