Iranian Hacker Claims Comodo Digital Certificate Heist

Monday, March 28, 2011



A rambling statement in broken English that was posted on Pastebin is purported to be from a lone Iranian hacker who is claiming sole responsibility for a recent attack against Comodo, an issuer of digital certificates that verify the legitimacy of websites.

Comodo had insisted that digital certificates for some of the biggest companies on the Internet including Microsoft, Yahoo, Skype, and Google, were fraudulently obtained in an Iranian government-supported operation.

The stolen digital certificates could be utilized to validate malicious websites used to spread malware, intercept email communications, or perform other criminal activities.

Comodo officials are convinced the attack was initiated and supported by the Iranian government.

"We believe these are politically motivated, state-driven/funded attacks. One of the origins of the attack that we experienced is from Iran. What is being obtained would enable the perpetrator to intercept Web-based email/communication and the only way this could be done is if the perpetrator had access to the country's DNS infrastructure, and we believe it might be the case here," said Melih Abdulhayoglu, the CEO and founder of Comodo.

The supposed lone hacker now claiming responsibility, who dubbed himself or herself "Comodohacker", said in the statement that the attack on Comodo was in retaliation for the release of the Stuxnet virus that damaged equipment at Iran's Natanz uranium enrichment facility.

"When USA and Israel creates Stuxnet, nobody talks about it, nobody blamed, nothing happened at all, so when I sign certificates nothing should happen..." Comodohacker said.

While the attack against Comodo is being characterized as complex and most likely state-supported, the statements issued by Comodohacker are obviously meant to convince readers that the hacker acted alone.

"I know you are really shocked about my knowledge, my skill, my speed, my expertise and entire attack. That's okay, all of it was so easy for me... I'm not a group of hacker, I'm single hacker with experience of 1000 hackers, I'm single programmer with experience of 1000 programmers, I'm single planner/project manager with experience of 1000 project managers, so you are right, it's managed by a group of hackers, but it was only I with experience of 1000 hackers," the hacker's statement said.

The validity of the Comodohacker statements is still in question, and it is quite possible that they were crafted in an attempt to cover up the involvement of the Iranian government.

"The pastebins look convincing. Whether they were posted by a 21-year-old lone gunman or Iran gov't PR department, I don't know," security expert Mikko Hypponen tweeted.

