Report: Yahoo, Tor, Mozilla, WordPress also hit by DigiNotar hack

Dutch name more possible fake certificate targets.

Besides the fraudulent security certificates Dutch authority DigiNotar issued for Google.com, more were made for Yahoo.com, Mozilla.org, torproject.org, wordpress.org and an Iranian blogging platform, Baladin, according to a Dutch report. 

The report [Google Translate version] does not state how it came across the information that the additional sites were targeted, and neither DigiNotar, its parent, Vasco, or the target companies have confirmed they were targeted.

Kaspersky Lab antivirus researcher Roel Schouwenberg said that if these domains were targeted it would add further weight to the suspicion that “a specific government is behind this attack.”

“What's worrisome in this saga is DigiNotar's claim a "few dozen" rogue certificates were generated,” said Kaspersky’s Schouwenberg. “This is a particularly suspicious claim because at the same time Google has blocked over 200 rogue certificates. Something doesn't quite add up.”

An analysis by The Register of a hardcoded blacklist of SSL certificates in Google’s updated Chrome browser also suggested that there could be hundreds of affected domain other than Google.com.

The number one suspect is Iran, which was accused of being behind similar attacks on certificate authority, Comodo in March. 

Several calling cards left by hackers on DigiNotar’s website discovered by security firm F-Secure suggest that the certificate authority had been breached several times since 2009 by both Iranian and Turkish hacker groups.

Browser makers Microsoft, Mozilla and Google have all disabled DigiNotar issued certificates in response to the breach, while open source operating system project Debian also disabled by default the DigiNotar Root CA in its network security services libraries

More about: CA Technologies, Comodo, Debian, etwork, F-Secure, Google, Kaspersky, Kaspersky Lab, Microsoft, Mozilla, Mozilla.org, Vasco, Yahoo

Comments

Post new comment

The content of this field is kept private and will not be shown publicly.
Users posting comments agree to the Computerworld comments policy.
Login or register to link comments to your user profile, or you may also post a comment without being logged in.
Related Coverage
Related Whitepapers
Latest Stories
Community Comments
Tags: antivirus, attacks, certificate authority, DigiNotar, FSecure, Google.com, hackers, kaspersky lab, Mozilla.org, security breach, ssl certificates, Yahoo.com
Whitepapers
All whitepapers
Sign up now to get free exclusive access to reports, research and invitation only events.
Featured Download
/downloads/product/149/dropbox/

Dropbox

Dropbox is a sharing tool that allows you to synchronize your documents, as well share files with others. It automatically uploads the files to the ...

Computerworld newsletter

Join the most dedicated community for IT managers, leaders and professionals in Australia