Skip to main content

Fake DigiNotar certificates targeting Iranians?

DigiNotar Iranian traffic surge (Trend Micro)
Image used with permission by copyright holder

Computer security firm Trend Micro says fake digital certificates from compromised Dutch certification authority DigiNotar were part of a broad-scale man-in-the-middle attack targeting Iranian Internet users—and may have left political dissidents, activists, and others trying to bypass Iran’s online censorship regime vulnerable to eavesdropping.

DigiNotar catapulted into the news late last month when it was discovered to have issued a rogue certificate for Google.com, making it possible for third parties to carry out man-in-the-middle attacks on Google services—like Gmail—as if they were trusted and verified systems controlled by Google. Online security professionals tried to react quickly, but Trend Micro noticed something very odd about requests for domain validation through diginotar.nl: it’s a small firm that mostly serves customers in the Netherlands, so one would expect most of its domain validation requests to come from the Netherlands. And that’s true. However, beginning August 28 a significant number of Internet users requesting domain validation through DigiNotar were from Iran. No other countries saw any significant uptick in domain verification requests through DigiNotar.

The unusual spike in requests started on August 28, dropped off substantially by August 30, and was all but gone on September 2.

“These aggregated statistics [..] clearly indicate that Iranian Internet users were exposed to a large scale man-in-the-middle attack, where SSL encrypted traffic can be decrypted by a third party,” Trend Micro senior threat researcher Feike Hacquebord wrote.

Trend Micro also notes that several Web proxy systems in the United States—which are widely used by individuals wishing to access sites anonymously and without revealing their IP address or other details—were also sending Web validation requests for DigiNotar. Trend Micro speculates that these proxy services were being used by Iranian citizens seeking to work around government censorship—but the fake trust certificates would have meant their encrypted communications could have been intercepted anyway.

Trend Micro’s analysis is based on the company’s Smart Protection Network, which collects and analyzes data from Trend Micro customers around the world, including what domain names are accessed by customers at particular times.

Topics
Geoff Duncan
Former Digital Trends Contributor
Geoff Duncan writes, programs, edits, plays music, and delights in making software misbehave. He's probably the only member…
Hurry! This iMac is at its cheapest ever price right now
Apple iMac 24 inch placed on a desk in a sunny context.

One of the best desktop computer deals around today is a seriously great offer. Over at Best Buy, you can buy the iMac 24-inch M1 All-in-One with a Retina 4.5K screen for just $800. That’s a $450 reduction off its regular price of $1,250 which is remarkable value for an all-in-one desktop computer, especially a Mac-based one. If you’re looking for a stylish addition to your living space which is also a highly competent computer, this is your chance to do so for less. Here’s what it has to offer.

Why you should buy the iMac 24-inch M1
Apple makes some of the best all-in-one computers even though you might automatically think of its laptop range instead. The iMac 24-inch M1 is a truly gorgeous all-in-one desktop. It might be three years old now but thanks to how revolutionary the M1 chip was at the time, its performance is still exceptional. Apple wanted to demonstrate why developing its own silicon worked so well compared to using Intel processors, and it did so brilliantly here.

Read more
Our favorite Logitech wireless mouse is 14% off right now
Logitech MX Master 2S Wireless Mouse.

One of the best wireless mice around -- the Logitech MX Master 2S is currently on sale at Amazon. That means instead of paying $70, you pay just $60. Working out as a 14% discount, this is a good time to upgrade to a superior mouse for less. It’s sure to delight you and make you more productive too. If you’re keen to learn more, take a look below at what we have to say about it or you can simply hit the buy button right now to snap it up before the price returns to normal.

Why you should buy the Logitech MX Master 2S
With the newest model of the Logitech MX Master 3S topping our look at the best wireless mice, you know you’re in good hands with the Logitech MX Master 2S. Or should we say the mouse is in good hands, aka yours? The Logitech MX Master 2S is designed to perfectly fit to your hand. It has a hand-sculpted shape which supports your hand and wrist in a comfortable and natural position at all times. That means the buttons and wheels are also well-positioned so you can easily enjoy fine-motion control along with a fluid experience as you move around the screen.

Read more
HP sale: Up to 68% off laptops, printers, monitors, and more
Photo of an HP Envy 16 laptop.

HP has a huge sale going on now with awesome laptop deals, monitor deals, and many other deep discounts. If you’re keen to buy a new device for less, this is your chance to do so. There are over 50 different items in the HP sale from high-end laptops to mice, so the best thing you can do is tap the button below and see for yourself what’s out there. Alternatively, if you want to see what we recommend, keep reading while we take you through our choices.

What to shop for in the HP sale
The biggest discount in the HP sale is being able to buy the for $989 reduced from $3,098. Perfectly suited for business users, you get an Intel Core i7-1255U processor, a huge 32GB of memory, and 512GB of SSD storage. A 14-inch WUXGA screen with 100% sRGB, 400 nits of brightness, and 1920 x 1200 looks great, while there are extensive security provisions courtesy of HP Wolf Pro Security Edition. From one of the best laptop brands, you can’t go wrong.

Read more