itwbennett writes: On Wednesday, Trend Micro wrote that it discovered a cyberattack on Dec. 21 that was designed to install banking malware on computers. The cybercriminals had compromised a legitimate website and set up a subdomain that led to a server under their control, wrote Joseph Chen, a fraud researcher with Trend. The subdomain used an SSL/TLS (Secure Sockets Layer/Transport Layer Security) certificate issued by Let's Encrypt, the first large-scale project to issue free digital certificates. which is run by the ISRG (Internet Security Research Group) and is backed by Mozilla, the Electronic Frontier Foundation, Cisco, and Akamai, among others. The incident has sparked disagreement over how to deal with such abuse, writes Jeremy Kirk.