Godlike Productions - Conspiracy Forum
Users Online Now: 2,629 (Who's On?)Visitors Today: 1,938,922
Pageviews Today: 2,597,092Threads Today: 412Posts Today: 8,606
09:38 PM


Rate this Thread

Absolute BS Crap Reasonable Nice Amazing
 

IRANIAN GOVERNMENT ACCUSED IN SERIOUS NET ATTACK

 
Anonymous Coward
User ID: 1292644
United Kingdom
03/24/2011 07:42 PM
Report Abusive Post
Report Copyright Violation
IRANIAN GOVERNMENT ACCUSED IN SERIOUS NET ATTACK
hacker in Iran appears to be behind an Internet attack that almost left Google, Microsoft, Mozilla, Skype, and Yahoo vulnerable to impersonation. The attack was thwarted before anything catastrophic happened, but had it succeeded, the attacker would have been able to pass off web apps from any of those companies as the real deal.

Determine whether a site's legit or not depends on a protocol known as Secure Sockets Layer, or SSL. It's responsible for guaranteeing companies like Google or Microsoft are who they say they are when you're transacting through a browser-based app. If you've ever wondered what the 's' after 'http' signifies when you're accessing a secure service, now you know.

Someone has to issue those certificates, and in this case we're talking about Comodo, a commercial firm that sells products like firewalls, backup utilities, and e-commerce tools--including subscription-based SSL certificates. The hacker somehow managed to slip past Comodo's defenses and request nine of these, and while the company says it's not sure if the hacker successfully retrieved them all, at least one was "definitely" acquired.

"The attacker was well prepared and knew in advance what he was to try to achieve," wrote Comodo in an incident report. "He seemed to have a list of targets that he knew he wanted to obtain certificates for, was able quickly to generate the CSRs [Certificate Signing Requests] for these certificates and submit the orders to our system so that the certificates would be produced and made available to him."

Had the attack been successful, it would have allowed the hacker to lure unsuspecting users to fraudulent websites, snatch their passwords, and track their web activity. The security breach could also have been used to trick users into downloading malware which could then have extracted and transmitted confidential information.

About the Iran connection: It's looking considerably more serious than just a random hack. Comodo was able to trace the attacks to several IP addresses, but said they were "mainly from Iran." Since the Iranian government's recently been involved in attacks on other encrypted forms of communication, Comodo reasons this latest was also "likely to be a state-driven attack."

If that last turns out to be true, so much for warming international relations.



Read more: [link to techland.time.com]
ANNONYMOUS
User ID: 1275893
United States
03/24/2011 07:48 PM
Report Abusive Post
Report Copyright Violation
Re: IRANIAN GOVERNMENT ACCUSED IN SERIOUS NET ATTACK
5a

It appears Iran has been a busy little beaver lately. I wonder if they had anything to do with the cyber attack on the EU today?
Anonymous Coward
User ID: 529896
Australia
03/24/2011 08:14 PM
Report Abusive Post
Report Copyright Violation
Re: IRANIAN GOVERNMENT ACCUSED IN SERIOUS NET ATTACK
After Israel and the US used Stux all is fair. You can't change the rules and then whine when everybody else starts playing by them.
Anonymous Coward
User ID: 1272733
United States
03/24/2011 08:19 PM
Report Abusive Post
Report Copyright Violation
Re: IRANIAN GOVERNMENT ACCUSED IN SERIOUS NET ATTACK
After Israel and the US used Stux all is fair. You can't change the rules and then whine when everybody else starts playing by them.
 Quoting: Anonymous Coward 529896


Iran wishes this could be compared to Stuxnet. Its amusing how hard Iran is trying.

News








We're dropping truth bombs like it's the end of days!