Fraudulent Google Credential Found in the Wild

Hackers use a counterfeit SSL certificate to snoop on the online activities of Iranians.

The Register: Security researchers say that someone has been using a fake secure socket layer (SSL) certificate to impersonate secure Google websites. DigiNotar, a Dutch certificate authority, issued the faulty certificate on July 10, meaning its unknown holders have had it for more than 40 days.

The problem came to light when an Iranian Google user posted a message on a forum. “I think my ISP or my government did this attack (because I live in Iran and you may hear something about the story of Comodo hacker!)” he wrote.

In response, Google said, “While we investigate, we plan to block any sites whose certificates were signed by DigiNotar.”

Tags: hack attacks

0 Comments (click to add your comment)
Comment and Contribute


(Maximum characters: 1200). You have characters left.



IT Management Daily
Don't miss an article. Subscribe to our newsletter below.

By submitting your information, you agree that datamation.com may send you Datamation offers via email, phone and text message, as well as email offers about other products and services that Datamation believes may be of interest to you. Datamation will process your information in accordance with the Quinstreet Privacy Policy.