Wednesday, September 7, 2011

Aw crap...

The fallout from the recent breach of certificate authority (CA) DigiNotar continues at a rapid pace as more details about the scope of the attack come to light: More than 500 rogue digital certificates were created for such high-profile domains as cia.gov, microsoft.com, Microsoft's windowsupdate.com, and mozilla.org, as well as one posing as VeriSign Root CA. In addition, more than 300,000 IP addresses, mostly in Iran, have been compromised.

The plot further thickened today when the hacker who breached certificate authority Comodo earlier this year claimed he was also behind the DigiNotar attack, and has hacked four more CAs, including GlobalSign and StartCom: "I told all that I can do it again, I told all in interviews that I still have accesses in Comodo resellers, I told all I have access to most of CAs," wrote the hacker, who goes by the alias "ComodoHacker" and claims to be Iranian. He indicated that the attacks were in retaliation for the 16-year anniversary of a massacre of thousands of Muslims during the Bosnian War in the town of Srebrenica.

He says he has 300 code-signing certs, including code-signing privileges with Google's certificate. "I'm able to issue windows update, Microsoft's statement about Windows Update and that I can't issue such update is totally false! I already reversed ENTIRE windows update protocol," he wrote today.


Full article: http://www.darkreading.com/authentication/167901072/security/attacks-breaches/231600865/comodo-hacker-takes-credit-for-massive-diginotar-hack.html

