Posted on 03/24/2011 6:22:11 PM PDT by nuconvert
SAN FRANCISCO—Hackers from Iran are suspected of swiping authentication data from a US computer security firm in an attempt to impersonate popular Google or Yahoo! sites.
"The incident got close to, but was not quite, an Internet-wide security meltdown," Electronic Frontier Foundation senior staff technologist Peter Eckersley said in a message posted at the group's website.
Hackers using computers with addresses in Iran posed as a European affiliate of New Jersey-based Comodo on March 15 to get digital certificates allowing the creation of imitation Google, Yahoo!, Microsoft or Skype log-in pages.
"The attacker was well prepared and knew in advance what he was to try to achieve," Comodo said in an online message regarding the attack. "He seemed to have a list of targets that he knew he wanted to obtain certificates for."
The hacker got "SSL certificates," essentially digital credentials, to pose as mail.google.com, google.com, login.yahoo.com, login.skype.com, addons.mozilla.org, global.trustee and login.live.com.
"These fraudulent SSL certificates could be used by an attacker to masquerade as a trusted website," the US Computer Emergency Readiness Team warned.
One of the online identities was tested on an Iranian computer server but the others appeared not to have been used, according to Comodo, which said that it revoked the credentials within hours.
Microsoft, Mozilla, and Google have updated their Web browsing software to prevent being duped into trusting bogus websites using the credentials.
"These certificates may be used to spoof content, perform phishing attacks, or perform man-in-the-middle attacks against all Web browser users including users of Internet Explorer," Microsoft said in a security advisory.
Whoever was behind the attempt appeared to be out to monitor or intercept email messages or Skype calls.
"This was likely to be a state-driven attack," Comodo said. "The circumstantial evidence suggests that the attack originated in Iran."
Interesting.
indeed
Possibly to collect ‘evidence’ to justify political killings..?
Bwahahaha!
Chinese hackers are smart enough to leave the trail back to Iran. My take here.
Typically when you think you have found the hacker’s starting point - it was an IP spoof.
...more likely from somewhere else...
=8-)
A Look at Iran
http://www.truthusa.com/IRAN.html
#
http://internet-haganah.com/harchives/007224.html
24 March 2011
“IRGC DRAWS BLOOD, ATTRACTS ATTENTION, ATTACKS CERTIFICATE AUTHORITY”
#
http://internet-haganah.com/harchives/007218.html
17 March 2011
“TOP SEARCH TERM OF THE WEEK AT INTERNET-HAGANAH.COM?”
SNIPPET: “q=Brigadier+General+Gholamreza+Jalali
Seems the naughty librarian of the IRGC is a very popular guy. Drop his name on your website and all sorts of interesting folks come and have a look.”
#
http://internet-haganah.com/harchives/007206.html
10 March 2011
“GHOLAMREZA JALALI: OVERSEEING IRGC CYBER WARFARE EFFORTS”
SNIPPET: “Meet the HaX0r in Chief”
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.