"There is no indication that any certificates were issued fraudulently, however, these weak keys have allowed some of the certificates to be compromised," Bryant said. The compromised certificates could allow an attacker to impersonate the legitimate owner, thus making the user believe they are trusting a website or signed software that was created for malicious use, he added.
Google is blocking serial numbers that correspond to the 22 certificates. As a larger measure, it plans to block the Digicert certificate by Tuesday, the date also decided upon by Entrust.
There is no evidence that the Digicert Malaysia certificate authorities have been compromised, Entrust said.
Close to 300,000 unique IP addresses from Iran requested access to google.com using a rogue certificate issued by Dutch CA DigiNotar, according to a report released in September by security firm Fox-IT. After a security breach, a total of 531 digital certificates were issued for domains that included google.com, the CIA, and Israel's Mossad.