Skip to main content

Comodo attacker claims credit for DigiNotar breach

DigiNotar Google cert access map (FOX-IT)
Image used with permission by copyright holder

If unauthenticated postings on the Internet are to be believes—and we all know how that goes—the attacker who was behind a breach of the SSL affiliate registration authority Comodo earlier this year may be behind the recent compromise of Dutch SSL certificate authority DigiNotar. The attacker posted an announcement on Pastebin under the name “Comodohacker” claiming responsibility for the DigiNotar breach. In the message, the writer says the action was retaliation for the role of Dutch soldiers in Srebrenica in 1995, where more than 8,000 Muslims were killed by Serbian forces during the Bosnian War.

The same account was previously used earlier this year to describe the attack on SSL certificate authority Comodo. The attacker also claims to have infiltrated four more unnamed high-profile certificate authorities, and gained the ability to issue false certificates from them. He also claimed to have access to the widely-used certificate authority GlobalSign, and to have attempted an attack on StartCom.

“Comodohacker” has given interviews in the last year, and described himself as a 21 year-old Iranian student. Some security experts have also speculated that Comodohacker could be Turkish. However, the Iranian connection is interesting, especially since name of the IP addresses that used Google account information under the fraudulent Google certificate issued by DigiNotar were located in Iran.

In all, over 500 fraudulent certificates were issued from DigiNotar after its systems were compromised. DigiNotar’s auditor FOX-IT has found (PDF) that more than 300,000 unique IP addresses accessed Google accounts alone under the bogus certificate issued for Google. Supposedly-secure information on any of those sessions could, in theory, have been intercepted by a third party.

Geoff Duncan
Former Digital Trends Contributor
Geoff Duncan writes, programs, edits, plays music, and delights in making software misbehave. He's probably the only member…
What is Gemini Advanced? Here’s how to use Google’s premium AI
Google Gemini on smartphone.

Google's Gemini is already revolutionizing the way we interact with AI, but there is so much more it can do with a $20/month subscription. In this comprehensive guide, we'll walk you through everything you need to know about Gemini Advanced, from what sets it apart from other AI subscriptions to the simple steps for signing up and getting started.

You'll learn how to craft effective prompts that yield impressive results and stunning images with Gemini's built-in generative capabilities. Whether you're a seasoned AI enthusiast or a curious beginner, this post will equip you with the knowledge and techniques to harness the power of Gemini Advanced and take your AI-generated content to the next level.
What is Google Gemini Advanced?

Read more
AMD Zen 5: everything we know about AMD’s next-gen CPUs
A hand holding AMD's Ryzen 9 9950X.

AMD Zen 5 is the next-generation Ryzen CPU architecture for Team Red. And after a major showing at Computex 2024, it's ready for a July launch. AMD promises major performance advantages for the new architecture that will give it a big leap in performance in gaming and productivity tasks, and the company also claims it will have major leads over Intel's top 14th-generation alternatives, allowing it to compete among the best processors.

We'll need to wait for the release to know for sure how these chips perform, but here's what we know about Zen 5 so far.
Zen 5 release date, availability, and price
AMD confirmed that the Ryzen 9000 desktop processors will launch on July 31, 2024, which marks two weeks after the launch date of the Ryzen AI 300. The initial lineup includes the Ryzen 9 9950X, the Ryzen 9 9900X, the Ryzen 7 9700X, and the Ryzen 5 9600X.

Read more