Thursday, March 24, 2011

Alert! Iran may be able to impersonate Google, Yahoo & Skype #iranelections

RRD: I have gathered these links from multiple sources.


..."The internet security firm Comodo Group said it had been victim to a hacker attack that appeared to have been part of a larger scheme to eavesdrop on encrypted e-mail and chat communications that may have been sponsored by Iran. Comodo, a digital certificate authority and security software maker, said on Wednesday that it unwittingly issued fraudulent digital certificates for Web sites operated by Google, Yahoo, Microsoft, Skype and Mozilla. Digital certificates are used to vouch for the authenticity of a site owner and facilitate encrypted communications between sites and their users. Comodo revoked all of the certificates immediately upon discovery of the incident and notified the site owners, the major browser makers and relevant government authorities, it said. The firm described the attack as well-planned and deployed with “clinical accuracy” from computers located mainly in Iran, though it pointed out in a company blog post that those computers could have been used to “lay a false trail.” But it said that the characteristics of the attack, and the fact that Iran has sought to penetrate online communication services in the past, led it to “one conclusion only” — that the attack was likely to be “state-driven.” The Iranian government, like others in the Middle East facing opposition movements leveraging the Internet to organize protests and press for democratic change, has aggressively sought to restrict and monitor Internet access by its citizens. With the certificates, a hacker would be able to set up server computers that would appear to work for the targeted Web sites. A government that controls Internet traffic inside its country would be able to use such a server to gain access to encrypted e-mail and chat conversations and collect user names and passwords for individuals’ accounts, said Mikko H. Hypponen, chief research officer at the security firm F-Secure, in a blog post. Even without a grip on Internet traffic, a hacker could lure dissidents or other Web users to the rogue server and then intercept their communications and account details, said Roel Schouwenberg, a senior researcher at the security firm Kaspersky. “You can ‘own’ a target without having to compromise anything at the target’s end,” he said. “It might not be easier, but it might be ‘cleaner.’” The fraudulent certificate for Mozilla, which was for its Firefox add-on site, might have allowed the attacker, posing as Mozilla, to install malware on targeted PCs or to block the installation of Firefox extensions that help users bypass government-imposed censorship filters".....


Iranian Hackers Suspected in Recent Security Breach - NYTimes.com


http://bits.blogs.nytimes.com/2011/03/24/iranian-hackers-suspected-in-recent-...

Rogue SSL certificates ("case comodogate") - F-Secure Weblog : News from the Lab


http://www.f-secure.com/weblog/archives/00002128.html


Critical Web Firm Suspects Iran Hacked It - WSJ.com


http://online.wsj.com/article/SB10001424052748703362904576219321279603988.html

Posted via email from Americans for Freedom in Iran
