Comodo a trusted internet security provider whose mission is to ‘create trust online’ gets a crucial hack attack issuing a fake digital SSL certificates. It is roaming on seven different domains including those of Live, Google, Yahoo, Skype, Mozilla and more.
The team stated that a root authority (RA) was violated, and that’s the default on all Windows and OS X installations. The attacker managed to create a fake user account and issued 9 fake security certificates although the attempts were invalidated immediately after the issuing. Company also believes that this malicious attack was originated from Iran and could be a state sponsored attack which was executed to get the web-mail content of the executives and political protesters.
If immediate measures would not have been taken then this attack would be considered as a huge hack, all the critical data might have been tracked and used illegally resulting huge cyber threat. Everyone uses yahoo, Google and Live mail services, imagine if you are the CEO or any higher executive and your all work is online based, and you get hacked by these fraudulent certificates and the hacker manages to trap you down and gain access to your data. Scary isn’t it??
Well for our visitors we will be recommending to enable Browser certificate revocation check, which is by default set to off in IE 8 and FireFox 3.x releases, Fortunately IE 9 and Firefox version 4 has it checked by default so the users having the latest browsers are safe of these malicious, content spoofing attacks. In addition to this Microsoft has also issued an update that installs these 9 attacks listing as “Untrusted Certificates” for user protection. These can also be viewable via the certmgr.msc tool on Windows.
The fraudulent and revoked certificate numbers are also been made available on Comodo’s Certificate Revocation List (CRL).
via [Naked Security]