The hacker warns the Internet community that he has access to 4 other
high-profile CAs, among them being GlobalSign, a certification authority
from the U.S. He threatens that he will use his power over the
companies to issue false certificates, which will later become the
weapon of his revenge against countries who deserve it.In his own words,
he said “I
won't talk so many detail for now, just I wanted to let the world know
that ANYTHING you do will have consequences, ANYTHING your country did
in past, you have to pay for it...”. Complete Message here.
As a proof to show that he really did infiltrate DigiNotar, he shares the domain administrator password of the CA network:Pr0d@dm1n .
Around 300.000 unique requesting IPs to google.com have been identified," Fox-IT said in the report. On Aug. 4 the number of requests rose quickly until the certificate was revoked on Aug. 29. Of these IP (Internet Protocol) addresses, more than 99% originated from Iran.The list of IP addresses will be handed over to Google who can inform users that their e-mail might have been intercepted during this period, Fox-IT said.
According to SC Magazine, Microsoft has also updated the Certificate Trust List (CTL) to remove any fake certificates. A total of 531 digital certificates were issued for domains that included google.com, the CIA, and Israel's Mossad . The hack implies that the current network setup and procedures at DigiNotar are not sufficiently secure to prevent this kind of attack.
As a proof to show that he really did infiltrate DigiNotar, he shares the domain administrator password of the CA network:Pr0d@dm1n .
Around 300.000 unique requesting IPs to google.com have been identified," Fox-IT said in the report. On Aug. 4 the number of requests rose quickly until the certificate was revoked on Aug. 29. Of these IP (Internet Protocol) addresses, more than 99% originated from Iran.The list of IP addresses will be handed over to Google who can inform users that their e-mail might have been intercepted during this period, Fox-IT said.
According to SC Magazine, Microsoft has also updated the Certificate Trust List (CTL) to remove any fake certificates. A total of 531 digital certificates were issued for domains that included google.com, the CIA, and Israel's Mossad . The hack implies that the current network setup and procedures at DigiNotar are not sufficiently secure to prevent this kind of attack.
0 comments:
Post a Comment