A screenshot of the "ComodoHacker" Pastebin account, where several documents have been posted
(WEB HOST INDUSTRTY REVIEW) — As reported this morning by Paul Mutton at Netcraft, (who is keeping a close eye on the story), Comodo has confirmed that it has suspended registration authority privileges from two more resellers who were compromised in last week’s well-publicized attack.
Comodo says no further certificates have been issued by the compromised RAs.
Last week we reported that an attack on Comodo RAs GlobalTrust, and its InstantSSL.it site had resulted in several rogue SSL certs being issued to a hacker, for communications sites like Gmail, Hotmail, Skype and others.
Early this week, an Iranian hacker took credit for the attack, posting information that backed up his claim on the file sharing site Pastebin.
In the Netcraft posting, Mutton links to a newsgroup posting by Comodo CTO Robin Alden, in which Alden confirms the compromise and outlines some of the new domain validation procedures the company is imposing on its RAs following the compromise.
In the post, Alden points out that the rogue certificates were not the result of lax validation efforts by the RA, but rather a targeted attack by the hacker.
The “ComodoHacker” Pastebin account includes several documents containing lengthy commentary from the hacker, who now appears to be engaging in a war of words with the company.
Netcraft reports that both GlobalTrust.it and InstantSSL.it, the RAs that were shut down immediately following last week’s attack, are back online and issuing SSL certificates again.
Comodo is presumably working to get the more recently compromised and suspended RAs back up as well.
About Liam Eagle
Liam Eagle has worked as a contributor to the Web Host Industry Review since its inception in 2000, and as editor since 2003. He has been editor of the WHIR's print magazine since its launch. His daily involvement in the gathering and reporting of Web hosting news and his regular interaction with Web hosting leaders gives him an uncommonly broad appreciation of the issues and tends facing the business. Through his WHIR blog, Liam spots Web hosting trends and offers opinions on the industry-wide impacts of major developments and the motivation behind big announcements. Follow him on Twitter @liameagle
No related posts.
