Firm points finger at Iran for SSL certificate theft


It could also be a financial hit to Comodo, Storms added, pointing out that certificate-issuing authorities regularly post bonds to cover liability or potential lawsuits when problems crop up.

"Comodo has put money on the validity of their certificates," Storms said.

Nor is it surprising that attackers would be very interested in acquiring certificates for such major Web players as Google, Microsoft and Yahoo.

"They're getting a lot for their buck," said Storms, talking about the hackers' efforts.

Comodo said it reacted to last week's attack "within hours" and revoked the certificates. "At no time were any Comodo root keys, intermediate CAs [certificate authorities] or secure hardware compromised," the company asserted.