Report: Yahoo, Tor, Mozilla, WordPress also hit by DigiNotar hack

Dutch name more possible fake certificate targets.

Besides the fraudulent security certificates Dutch authority DigiNotar issued for Google.com, more were made for Yahoo.com, Mozilla.org, torproject.org, wordpress.org and an Iranian blogging platform, Baladin, according to a Dutch report. 

The report [Google Translate version] does not state how it came across the information that the additional sites were targeted, and neither DigiNotar, its parent, Vasco, or the target companies have confirmed they were targeted.

Kaspersky Lab antivirus researcher Roel Schouwenberg said that if these domains were targeted it would add further weight to the suspicion that “a specific government is behind this attack.”

“What's worrisome in this saga is DigiNotar's claim a "few dozen" rogue certificates were generated,” said Kaspersky’s Schouwenberg. “This is a particularly suspicious claim because at the same time Google has blocked over 200 rogue certificates. Something doesn't quite add up.”

An analysis by The Register of a hardcoded blacklist of SSL certificates in Google’s updated Chrome browser also suggested that there could be hundreds of affected domain other than Google.com.

The number one suspect is Iran, which was accused of being behind similar attacks on certificate authority, Comodo in March. 

Several calling cards left by hackers on DigiNotar’s website discovered by security firm F-Secure suggest that the certificate authority had been breached several times since 2009 by both Iranian and Turkish hacker groups.

Browser makers Microsoft, Mozilla and Google have all disabled DigiNotar issued certificates in response to the breach, while open source operating system project Debian also disabled by default the DigiNotar Root CA in its network security services libraries

Join the newsletter!

Or

Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.
CSO WANTED
Have an opinion on security? Want to have your articles published on CSO? Please contact CSO Content Manager for our guidelines.

Tags hackersDigiNotarattacksSSL Certificatesantivirussecurity breachkaspersky labYahoo.comFSecureGoogle.comMozilla.orgcertificate authority

More about CA TechnologiesComodoDebianetworkF-SecureGoogleKasperskyKasperskyMicrosoftMozillaMozilla.orgVascoYahoo

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Liam Tung

Latest Videos

More videos

Blog Posts