Cyberattack on Dec. 21 was designed to install banking malware on computers. Cybercriminals had compromised a legitimate website and set up a subdomain that led to a server under their control. The subdomain used an SSL/TLS (Secure Sockets Layer/Transport Layer Security) certificate. The certificate was issued by Let’s Encrypt, a project run by the ISRG (Internet Security Research Group) The ISRG is backed by Mozilla, the Electronic Frontier Foundation, Cisco, and Akamai.”]