[ISN] Solo Iranian hacker takes credit for Comodo certificate attack

From: InfoSec News <alerts_at_private>
Date: Mon, 28 Mar 2011 01:05:52 -0600 (CST)

By Gregg Keizer
March 27, 2011

A solo Iranian hacker on Saturday claimed responsibility for stealing 
multiple SSL certificates belonging to some of the Web's biggest sites, 
including Google, Microsoft, Skype and Yahoo.

Early reaction from security experts was mixed, with some believing the 
hacker's claim, while others were dubious.

Last week, conjecture had focused on a state-sponsored attack, perhaps 
funded or conducted by the Iranian government, that hacked a certificate 
reseller affiliated with U.S.-based Comodo.

On March 23, Comodo acknowledged the attack, saying that eight days 
earlier, hackers had obtained nine bogus certificates for the log-on 
sites of Microsoft's Hotmail, Google's Gmail, the Internet phone and 
chat service Skype and Yahoo Mail. A certificate for Mozilla's Firefox 
add-on site was also acquired.


Tegatai Managed Colocation: Four Provider Blended
Tier-1 Bandwidth, Fortinet Universal Threat Management,
Natural Disaster Avoidance, Always-On Power Delivery 
Network, Cisco Switches, SAS 70 Type II Datacenter. 
Find peace of mind, Defend your Critical Infrastructure.
Received on Mon Mar 28 2011 - 00:05:52 PDT

This archive was generated by hypermail 2.2.0 : Mon Mar 28 2011 - 00:13:24 PDT