ComodoHacker responsible for DigiNotar Attack
The Hacker News


The hacker warns the Internet community that he has access to 4 other high-profile CAs, among them GlobalSign, a certification authority from the U.S. He threatens to use his power over the companies to issue false certificates, which will later become the weapon of his revenge against countries who deserve it. In his own words, he said "I won't talk so many detail for now, just I wanted to let the world know that ANYTHING you do will have consequences, ANYTHING your country did in past, you have to pay for it...".

An Iranian hacker posted a message on a Pastebin account boasting of his exploits and claiming to have access to more CAs. As proof that he really did infiltrate DigiNotar, he shares the domain administrator password of the CA network: Pr0d@dm1n.

"Around 300.000 unique requesting IPs to google.com have been identified," Fox-IT said in the report. On Aug. 4 the number of requests rose quickly until the certificate was revoked on Aug. 29. Of these IP (Internet Protocol) addresses, more than 99 percent originated from Iran. The list of IP addresses will be handed over to Google, who can inform users that their e-mail might have been intercepted during this period, Fox-IT said. According to SC Magazine, Microsoft has also updated the Certificate Trust List (CTL) to remove any fake certificates. A total of 531 digital certificates were issued for domains that included google.com, the CIA, and Israel's Mossad. The hack implies that the current network setup and procedures at DigiNotar are not sufficiently secure to prevent this kind of attack.
