Tuesday, September 20, 2011

Iranian Hackers Break Into Site of SSL Certificate Provider




Trend Micro's security team discovered that Internet users on 40 different networks of Internet providers and universities in Iran were encountering forged SSL certificates issued by DigiNotar, a certificate authority (CA) and SSL certificate provider based in the Netherlands.

The aim was to spy on Internet users in Iran on a large scale.

In the theory described by Trend Micro, forged certificates can be used to deceive users into visiting a fake version of a site, or to monitor their communication with the legitimate website in a way that is transparent to the user.

But for the forged-certificate trick to work, the hacker must be able to route the victim's Internet traffic through a server that he controls.

"Iran is not a CA (Certificate Authority). Therefore, if you do that, you can only issue a rogue, deceptive certificate," said the security company, which is based in Japan.

But they would not necessarily have an official certificate from a trusted CA such as DigiNotar. Trend Micro regards this oddity as a sign that the site of SSL certificate provider DigiNotar was at the mercy of hackers in Iran.

In July and August 2011, Trend Micro then discovered, the hackers managed to create rogue SSL certificates for hundreds of domain names, including google.com and even the whole of .com, a top-level domain. This is very dangerous because rogue SSL certificates make man-in-the-middle attacks possible.

At that time, nearly one hundred thousand unique IP addresses in Iran accessed google.com with the false DigiNotar certificates.

"Trend Micro has identified thousands of unique IP addresses requesting google.com. On August 4, the number of requests increased quickly, until the certificate was revoked on August 29," he continued.

The analysis is based on data collected over time by the Trend Micro Smart Protection Network, which shows that the fake DigiNotar SSL certificates were used to spy on Internet users in Iran on a large scale.

The DigiNotar attack is similar to the attack in March on U.S. security firm Comodo Inc., which was also connected with Iran.

"Some time ago, the site of Baidu.com, China's largest search engine, stopped providing service after being paralyzed by a hacker calling himself Iranian. Baidu.com reported these attacks," said Trend Micro.
