The sign-in page and SSL certificate for Hotmail, one of the services targeted in the attack
Related Topics: security controversy ssl hackers iran(WEB HOST INDUSTRY REVIEW) -- According to several reports published Monday, a lone Iranian hacker has claimed responsibility for the Last week’s SSL certificate hack that targeted several major online communications tools, including Hotmail, Skype, Gmail and others.
The hacker reportedly backed up the claim in a post on the document-sharing site Pastebin that included names, accounts passwords and other details on how he broke into the systems of Comodo reseller InstantSSL.it, and was issued the rogue SSL certs.
Following the attacks last week, there was some speculation that the attacks – which appeared to originate from a server based in Iran – were sponsored by Iran’s government, and politically motivated.
A Guardian article on the hacker’s claim includes a quote from Comodo CEO Melih Abdulhayoglu who, following last week’s incident, issued a statement citing some circumstantial evidence that the attacks were state-backed. "We believe these are politically motivated, state-driven/funded attacks," he said, suggesting that the fake certificates would be used to collect the details of activists using the sorts of tactics used in phishing attacks.
The attacker claiming responsibility for the attacks, however, says this was not the attack’s intent, which was actually retribution for the Stuxnet worm, which was allegedly designed by government-sponsored groups to target nuclear reprocessing facilities in Iran.
The Stuxnet worm, discovered in July of 2010, specifically targeted industrial applications. Its impact in Iran was substantially greater than elsewhere, with 60 percent of infections reportedly occurring there.
The Guardian article quotes a security expert who says the Pastebin postings look convincing, but they don’t include any definitive evidence that the poster was not associated with the Iranian government, as originally suspected.o.uk/technology/2011/mar/28/hacker-digital-security-stuxnet-iran The attacker claiming responsibility for the attacks, however, says this was not the attack’s intent, which was actually retribution for the Stuxnet worm, which was allegedly designed by government-sponsored groups to target nuclear reprocessing facilities in Iran. The Stuxnet worm, discovered in July of 2010, specifically targeted industrial applications. Its impact in Iran was substantially greater than elsewhere, with 60 percent of infections reportedly occurring there. The Guardian article quotes a security expert who says the Pastebin postings look convincing, but they don’t include any definitive evidence that the poster was not associated with the Iranian government, as originally suspected.
View the Original article
0 comments:
Post a Comment