Skip to main content
  1. Home
  2. Computing
  3. News

Fake DigiNotar certificates targeting Iranians?

Geoff Duncan
By
DigiNotar Iranian traffic surge (Trend Micro)
Image used with permission by copyright holder

Computer security firm Trend Micro says fake digital certificates from compromised Dutch certification authority DigiNotar were part of a broad-scale man-in-the-middle attack targeting Iranian Internet users—and may have left political dissidents, activists, and others trying to bypass Iran’s online censorship regime vulnerable to eavesdropping.

DigiNotar catapulted into the news late last month when it was discovered to have issued a rogue certificate for Google.com, making it possible for third parties to carry out man-in-the-middle attacks on Google services—like Gmail—as if they were trusted and verified systems controlled by Google. Online security professionals tried to react quickly, but Trend Micro noticed something very odd about requests for domain validation through diginotar.nl: it’s a small firm that mostly serves customers in the Netherlands, so one would expect most of its domain validation requests to come from the Netherlands. And that’s true. However, beginning August 28 a significant number of Internet users requesting domain validation through DigiNotar were from Iran. No other countries saw any significant uptick in domain verification requests through DigiNotar.

Recommended Videos

The unusual spike in requests started on August 28, dropped off substantially by August 30, and was all but gone on September 2.

“These aggregated statistics [..] clearly indicate that Iranian Internet users were exposed to a large scale man-in-the-middle attack, where SSL encrypted traffic can be decrypted by a third party,” Trend Micro senior threat researcher Feike Hacquebord wrote.

Trend Micro also notes that several Web proxy systems in the United States—which are widely used by individuals wishing to access sites anonymously and without revealing their IP address or other details—were also sending Web validation requests for DigiNotar. Trend Micro speculates that these proxy services were being used by Iranian citizens seeking to work around government censorship—but the fake trust certificates would have meant their encrypted communications could have been intercepted anyway.

Trend Micro’s analysis is based on the company’s Smart Protection Network, which collects and analyzes data from Trend Micro customers around the world, including what domain names are accessed by customers at particular times.

Topics
Geoff Duncan
Geoff Duncan
Former Digital Trends Contributor
Geoff Duncan writes, programs, edits, plays music, and delights in making software misbehave. He's probably the only member…
These are the 10 best gaming PCs I’d recommend to anyone
Graphics card in the CLX Hathor PC.

We review dozens of gaming PCs each year. In 2024, there are a ton of great options, but we've narrowed them down to a list of the 10 best gaming desktops that deserve your hard-earned money.

In 2024, we still recommend the Alienware Aurora R16 because of its fantastic design, solid performance, and decent value. However, there are several other options depending on your needs and budget. If you want a deeper look into how we evaluate gaming PCs, make sure to read about how we review desktops.

Read more
Samsung’s crazy 57-inch curved 4K monitor is $700 off today
The Samsung Odyssey Neo G9 57-inch mini-LED gaming monitor placed on a desk.

Your investment in gaming PC deals will  go to waste if you don't upgrade your screen, and if you're willing to splurge for the best possible gaming experience, you'll want to go for the 57-inch Samsung Odyssey Neo G9 curved gaming monitor. It's pretty expensive at its original price of $2,500, so you're going to want to take advantage of any discounts that are available. Fortunately, Samsung has slashed its price by $700 so it's down to $1,800 -- it's still not cheap, but once you're playing your favorite games on this monitor, you'll quickly understand why it's worth every single penny.

Why you should buy the 57-inch Samsung Odyssey Neo G9 curved gaming monitor
The Samsung Odyssey Neo G9 curved gaming monitor features a 57-inch screen with dual 4K Ultra HD resolution and a 1000R curvature, so it will fully immerse you in the worlds of the video games that you play with its lifelike details and vivid colors. It also supports HDR 1000 for better visual accuracy, and it uses Quantum Matrix technology for controlled brightness and improved contrast.

Read more
This Lenovo ThinkPad laptop with 32GB of RAM is 35% off right now
lenovo thinkpad t16 laptop deal april 2024 promotional render

Lenovo often has some of the best laptop deals around with the current price on the Lenovo ThinkPad T16 Gen 2 one of the more appealing right now. Usually priced at $2,069, it’s down to $1,345 for a limited time only. Granted, the original price is one of Lenovo’s estimated value system prices so it may be overly optimistic but whatever the true discount, $1,345 is a great price for a system packed with great hardware. If you want to learn more about it, scroll down while we take you through everything.

Why you should buy the Lenovo ThinkPad T16
Lenovo is one of the best laptop brands for business laptops and the Lenovo ThinkPad T16 Gen 2 is a perfect example of that for work purposes. It has an AMD Ryzen 7 Pro 7840U processor along with a huge 32GB of memory. There’s also 1TB of SSD storage so you won’t run out of room for all your most valuable files.

Read more