
Fake DigiNotar certificates targeting Iranians?

Figure: DigiNotar Iranian traffic surge (Trend Micro)

Computer security firm Trend Micro says fake digital certificates from compromised Dutch certification authority DigiNotar were part of a broad-scale man-in-the-middle attack targeting Iranian Internet users—and may have left political dissidents, activists, and others trying to bypass Iran’s online censorship regime vulnerable to eavesdropping.

DigiNotar catapulted into the news late last month when it was discovered to have issued a rogue certificate for Google.com, making it possible for third parties to carry out man-in-the-middle attacks on Google services—like Gmail—while appearing to be trusted and verified systems controlled by Google. Online security professionals tried to react quickly, but Trend Micro noticed something very odd about requests for domain validation through diginotar.nl. DigiNotar is a small firm that mostly serves customers in the Netherlands, so one would expect most of its domain validation requests to come from the Netherlands, and that is the case. However, beginning August 28, a significant number of the Internet users requesting domain validation through DigiNotar were in Iran. No other country saw a significant uptick in domain verification requests through DigiNotar.


The unusual spike in requests started on August 28, dropped off substantially by August 30, and was all but gone on September 2.

“These aggregated statistics [..] clearly indicate that Iranian Internet users were exposed to a large scale man-in-the-middle attack, where SSL encrypted traffic can be decrypted by a third party,” Trend Micro senior threat researcher Feike Hacquebord wrote.

Trend Micro also notes that several Web proxy systems in the United States—which are widely used by individuals wishing to access sites anonymously and without revealing their IP address or other details—were also sending Web validation requests for DigiNotar. Trend Micro speculates that these proxy services were being used by Iranian citizens seeking to work around government censorship—but the fake trust certificates would have meant their encrypted communications could have been intercepted anyway.

Trend Micro’s analysis is based on the company’s Smart Protection Network, which collects and analyzes data from Trend Micro customers around the world, including what domain names are accessed by customers at particular times.
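The kind of per-country aggregation described above can be sketched as follows. This is an added example, not Trend Micro's code or data: the host name, the log format, the thresholds and every request count are constructed for illustration.

```python
from collections import defaultdict
from statistics import mean

CA_HOST = "validation.example-ca.test"  # hypothetical CA validation host

DAYS = ["2011-08-%02d" % d for d in range(24, 32)] + ["2011-09-01", "2011-09-02"]
# Constructed daily request volumes per country (not Trend Micro's figures).
VOLUME = {
    "NL": [21, 19, 22, 20, 21, 20, 19, 22, 20, 21],
    "IR": [0, 1, 0, 0, 48, 44, 9, 6, 3, 1],
    "US": [2, 1, 2, 2, 3, 2, 2, 1, 2, 2],
}

def build_log():
    """Expand the constructed volumes into 'date country host' log lines."""
    lines = []
    for cc, counts in VOLUME.items():
        for day, n in zip(DAYS, counts):
            lines += [f"{day} {cc} {CA_HOST}"] * n
            lines.append(f"{day} {cc} unrelated.example.test")  # other traffic
    return lines

def daily_counts(lines, host):
    """Count requests to `host` per country and day."""
    counts = defaultdict(lambda: defaultdict(int))
    for line in lines:
        parts = line.split()
        if len(parts) != 3 or parts[2] != host:
            continue  # skip malformed lines and requests to other hosts
        day, cc, _ = parts
        counts[cc][day] += 1
    return counts

def flag_surges(counts, baseline_days, factor=5.0, min_requests=10):
    """Return sorted (day, country, count) where the count is at least
    `factor` times that country's mean over the baseline days."""
    alerts = []
    for cc, per_day in counts.items():
        # Floor the baseline at 1 so a country with no history can still alert.
        base = max(mean(per_day.get(d, 0) for d in baseline_days), 1.0)
        for day, n in per_day.items():
            if day not in baseline_days and n >= min_requests and n >= factor * base:
                alerts.append((day, cc, n))
    return sorted(alerts)

if __name__ == "__main__":
    for alert in flag_surges(daily_counts(build_log(), CA_HOST), DAYS[:4]):
        print(alert)
```

Comparing each country against its own baseline is what keeps the steady Dutch volume from alerting while a much smaller absolute count from a country with almost no history does.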

Geoff Duncan
Former Digital Trends Contributor