Comodo SSL 'hacker' posts proof of pwnage

Powered by SC Magazine
 

Paste bin postings attempt to prove hacking feat.

An individual has posted a series of messages on the Paste Bin website in an attempt to claim responsibility for an attack on the security systems protecting the web services of Google, Microsoft, Skype and others.

Last week, web authentication firm Comodo warned customers that an attacker had issued a series of false SSL certificates, prompting urgent security advisories from customers including Google and Microsoft.

Now an unnamed individual has posted two messages on Paste Bin – the first claiming responsibility for the Comodo attack via a step-by-step explanation of how it was done, the second posting an alleged portion of hacked code as proof of his/her handy-work.

The poster claimed to have discovered vulnerabilities in the web site of a third party reseller that authenticates certificates on Comodo’s behalf.

Gaining full access to the web server of this third party, the hacker claimed to have stolen usernames and passwords to then log into Comodo’s systems and – apparently after writing some fake APIs – gained authorisation to generate certificates.

The poster claimed to be an Iranian man working without state sponsorship, with points to score against Western governments for what he believed was a U.S./Israeli conspiracy to target Iran via threats such as Stuxnet.

The post claimed that Stuxnet was “created by Israel and USA with millions of dollar budget, with access to SCADA systems and Nuclear softwares” and that vulnerabilities in Microsoft software exploited by Stuxnet had deliberately been left unpatched by the vendor in cooperation with US authorities.

The SSL attack would bring “equality to the internet”, the poster claimed.

“I know you are really shocked about my knowledge, my skill, my speed, my expertise and entire attack,” the post boasted. “Is there any larger target than a CA [certificate authority] in [the] internet?”

The initial post was then followed up with a sample of code which the author claimed to be “part of [the] decompiled TrustDLL” of the compromised Comodo reseller.

Chester Wisniewski, senior security advisor at Sophos said it was “impossible to tell.... if this guy was for real”.

Copyright © iTnews.com.au . All rights reserved.


Comodo SSL 'hacker' posts proof of pwnage
 
 
 
Top Stories
At the top of her game
A decision to bring digital operations back in-house three years ago has paid big dividends for Tabcorp.
 
Westpac hires SAP man as CTO
Creates four new IT lead positions.
 
Qld Transport to replace core registration system
State's biggest citizen info repository set for overhaul.
 
 
Sign up to receive iTnews email bulletins
   FOLLOW US...
Latest Comments
Polls
Who do you trust most to protect your private data?







   |   View results
Your bank
  38%
 
Your insurance company
  3%
 
A technology company (Google, Facebook et al)
  8%
 
Your telco, ISP or utility
  7%
 
A retailer (Coles, Woolworths et al)
  2%
 
A Federal Government agency (ATO, Centrelink etc)
  20%
 
An Australian law enforcement agency (AFP, ASIO et al)
  15%
 
A State Government agency (Health dept, etc)
  5%
TOTAL VOTES: 995

Vote