DigiNotar Certificate Hack: What Happened and How

The big news in the security industry in the past couple of weeks has been a hack of DigiNotar, a Dutch certificate authority. We reported on this in late August, and Apple issued a security update last week to fix the problem on Macs.

The New York Times has a detailed look at what happened and how. This was the work of a lone hacker, “Comodohacker,” an Iranian who shared the results of his hack with others in Iran, leading to the possibility that some Iranians had their e-mail compromised. Google advised Iranian Gmail users to change their passwords because of this breach.

The hacker took 10 days to get access to DigiNotar’s servers, and created 531 fake certificates, for sites such as Google, Facebook and Skype, as well as the CIA, MI6 and Mossad. As the New York Times says, “He shared them with a person or organization believed to have had control over dozens of Internet service providers and university networks in Iran — perhaps the government itself.”

If you’re using a Mac, make sure to apply the latest security update so you can be protected from any possible bogus certificates you may encounter.

For even more information about the DigiNotar breach, see Joshua Long’s comprehensive article on How to Revoke Trust for DigiNotar Root CA Certs—Even On Older Macs.