Iran-linked attack spoofs Yahoo, others
cbs / Elinor Mills and Declan McCullagh .
23-Mar-2011 (one comment)

(CNET) 

A malicious attacker that appears to be the Iranian government managed to obtain supposedly secure digital certificates that can be used to impersonate Google, Yahoo, Skype, and other major Web sites, the security company affected by the breach said today.

 

Comodo, a Jersey City, N.J.-based firm that issues digital certificates, said the nine certificates were fraudulently obtained, including one for Microsoft's Live.com, have already been revoked. A fraudulent certificate allows someone to impersonate the secure versions of those Web sites--the ones that are used when encrypted connections are enabled--in some circumstances.

The Internet Protocol addresses used in the attack are in Tehran, Iran, said Comodo, which believes that because of the focus and speed of the attack, it was "state-driven." Spoofing those Web sites would allow the Iranian government to use what's known as a man-in-the-middle attack to impersonate the legitimate sites and grab passwords, read e-mail messages and monitor any other activities its citizens performed, even if the connections were protected with SSL (Secure Sockets Layer) encryption.

>>>
recommended by yolanda

Balatarin
Share/Save/Bookmark

 
hamsade ghadimi

you mean to tell me that if

by hamsade ghadimi on Thu Mar 24, 2011 07:26 AM PDT

you mean to tell me that if an iranian american organization lobbied for facebook not to filter its product in iran, then all their efforts would actually be to the detriment of iranian opposition activists?  i'd hate to be an activist's facebook friend in iran.


  •