Hackers steal SSL certificates for CIA, MI6, Mossad

pinewswire.net

The tally of digital certificates stolen from a Dutch company in July has exploded to more than 500, including ones for intelligence services like the CIA, the UK’s MI6 and Israel’s Mossad, a Mozilla developer said on Sunday.

The confirmed count of fraudulently-issued SSL (secure socket layer) certificates now stands at 531, said Gervase Markham, a Mozilla developer who is part of the team that has been working to modify Firefox to blocks all sites signed with the purloined certificates.

Among the affected domains, said Markham, are those for the CIA, MI6, Mossad, Microsoft, Yahoo, Skype, Facebook, Twitter and Microsoft’s Windows Update service.

“Now that someone (presumably from Iran) has obtained a legit HTTPS cert for CIA.gov, I wonder if the US gov will pay attention to this mess,” Christopher Soghoian, a Washington DC-based researcher noted for his work on online privacy, said in a tweet Saturday. Soghoian was referring to assumptions by many experts that Iranian hackers, perhaps supported by that country’s government, were behind the attack.

More...

Comments

Unknown said…
Truly the blogging is spreading its wings rapidly.



Study In USA