Comodo SSL Hacker May Have Compromised Another Certificate Authority

A screencap of the Pastebin account used by the hacker to communicate

(WEB HOST INDUSTRY REVIEW) — The hacker who claimed responsibility for hacking a Comodo reseller and acquiring a selection of rogue SSL certificates last week may have compromised another certificate authority, according to comments made in an email interview, as well as comments made by Comodo CEO Melih Abdulhayoglu.

An article posted Wednesday at CIO.com quotes a comment from the hacker, reportedly known as Ich Sun, made during an email interview, stating, “Talking about second CA have no use for me, except giving away my work and corrupting it, sorry.”

The obvious implication in the statement is that there is “work” to be done on a second compromised CA that could be corrupted by disclosing it. The nature of that work has not yet been made clear, although some of the comments posted online by the hacker seem to suggest the attacks were attempted in part as retribution for the Stuxnet worm, which targeted Iranian industrial organizations last year.

The CIO.com article quotes Abdulhayoglu as saying he “does not know” whether a second CA was compromised. He does describe the circumstances that might lead one to believe it was true, however.

As reported earlier this week, Comodo uncovered two other resellers that had been compromised and suspended their registration authority privileges while security patches were applied. Neither of those attacks was successful in accessing Comodo SSL certificates, says the company, but Abdulhayoglu told CIO.com that one of those partners was also a reseller of another certificate authority.

Assuming another CA was compromised seems like it would be a bit of a stretch at this point – mostly speculation based on an allusion made by an anonymous (and seemingly fairly self-aggrandizing) criminal and a kind of broad statement of possibility made by an executive who is under the microscope at the moment.

However, if another CA was compromised, it will undoubtedly become clear in the near future.

Liam Eagle

About

Liam Eagle has worked as a contributor to the Web Host Industry Review since its inception in 2000, and as editor since 2003. He has been editor of the WHIR's print magazine since its launch. His daily involvement in the gathering and reporting of Web hosting news and his regular interaction with Web hosting leaders give him an uncommonly broad appreciation of the issues and trends facing the business. Through his WHIR blog, Liam spots Web hosting trends and offers opinions on the industry-wide impacts of major developments and the motivation behind big announcements. Follow him on Twitter @liameagle.
