Twitter Delicious Facebook Digg Stumbleupon Favorites More

Saturday, 17 September 2011

Hackers Iran lied to the International Internet Users



A recent study found that Trend Micro Internet users in 40 different networks of Internet providers and the University of Iranians turned out to contain fake SSL certificate issued by DigiNotar.

Providers and suppliers sites SSL certificate authority certificate in the Netherlands, was used to spy on Internet users in Iran on a large scale.

In theory, false certificates could be used to trick users into visiting a fake version of a Web site, or used to control communication with the actual site without the user noticing.

But the trick of a false certificate, a hacker must be able to direct Internet traffic routed through a server he controls. That's something only the Internet service provider, or government with a single command, and can do so easily.

Iranian state itself does not have a CA (Certificate Authority) itself. If they do, they can only issue a certificate naughty deceived. However, because they do not have to necessarily require an official certificate from a trusted CA as DigiNotar.

Trend Micro to see this rarity that makes the site an SSL certificate provider, DigiNotar under the mercy of hackers in Iran. So was launched through its official statement on Saturday (17/09/2011).


At this time about hundreds of thousands of unique IP addresses access to google.com Iran calls using fake certificates issued by DigiNotar. Trend Micro detects thousands of unique IP addresses requested google.com has been identified. On 4 August the number of requests to increase rapidly until a certificate is revoked on August 29.

The evidence was based on data collected from time to time, thanks to the Trend Micro Smart Protection Network is showing fake SSL certificate issued by DigiNotar, used to spy on Internet users in Iran on a large scale.

 
Design by Free WordPress Themes | Bloggerized by Lasantha - Premium Blogger Themes | Blogger Templates