IT security provider Comodo (www.comodo.com) revealed this week that a Registration Authority located in Southern Europe was hacked, leading to nine rogue SSL certificates on seven domains.
Top domains like Google, Yahoo, Skype and Windows Live were among the domains targeted.
In a statement released Wednesday, Comodo said the "attacker was well prepared and knew in advance what he was to try to achieve," armed with a "list of targets that he knew he wanted to obtain certificates for, was able quickly to generate the [requests] for these certificates and submit the orders" to the company's system to attain certificates.
The security firm says it revoked all nine certificates immediately after discovering the attack, and it has seen no further attempts to use the certificates since they were removed.
In an interview with CNET, Comodo CEO Melih Abdulhayoglu said the affected domain names "have to do with communications" and "are not financially motivated at all."
He believes the attack is an Iran state-sponsored move to breach the webmail accounts of political radicals.
Abdulhayoglu did not disclose the name of the southern European partner whose systems were breached, but confirmed that the Iranian server is now offline.
In a Comodo blog post, VP Philip Hallam-Baker wrote that the Iranian IP address was linked to the breach of the European registration authority tied to Comodo on March 15.
Though many IP addresses were used in the breach, most of these stemmed from Iran, according to another report.
Abdulhayoglu said the attacker first tested the certificate for login.yahoo.com, but because it had been revoked, the site would not appear as a trusted site when users tried to access it.
The Windows Live login domain, login.live.com, is just one of the domains covered by the nine rogue Comodo certificates.
Microsoft has since released a security advisory, as well as a mitigation update that updates the certificate revocation list on Windows PCs. This will stop any more of the fraudulent certificates from being accepted as legitimate.