Fraudulent Google Credential Found in the Wild

Wednesday Aug 31st 2011 by Staff

Hackers use a counterfeit SSL certificate to snoop on the online activities of Iranians.

The Register: Security researchers say that someone has been using a fake secure socket layer (SSL) certificate to impersonate secure Google websites. DigiNotar, a Dutch certificate authority, issued the faulty certificate on July 10, meaning its unknown holders have had it for more than 40 days.

The problem came to light when an Iranian Google user posted a message on a forum. “I think my ISP or my government did this attack (because I live in Iran and you may hear something about the story of Comodo hacker!)” he wrote.

In response, Google said, “While we investigate, we plan to block any sites whose certificates were signed by DigiNotar.”

Mobile Site | Full Site
Copyright 2017 © QuinStreet Inc. All Rights Reserved