Slashdot Mirror

← Back to Stories (view on slashdot.org)

Rogue SSL Certs Issued For CIA, MI6, Mossad

Posted by timothy on from the usual-suspectors dept.

Orome1 writes with this excerpt from Help Net Security: "The number of rogue SSL certificates issued by Dutch CA DigiNotar has ballooned from one to a couple dozen to over 250 to 531 in just a few days. As Jacob Appelbaum of the Tor project shared the full list of the rogue certificates, it became clear that fraudulent certificates for domains of a number of intelligence agencies from around the world were also issued during the CA's compromise — including the CIA, MI6 and Mossad. Additional targeted domains include Facebook, Yahoo!, Microsoft, Skype, Twitter, Tor, Wordpress and many others."

2 of 152 comments (clear)

  1. F-secure has a partial list by nweaver · · Score: 5, Informative

    It may not be complete, but, F-secure has a list of the ones created, including *.*.com, *.*.org, www.cia.gov, addons.mozilla.org, *.torproject.org, etc...

    --
    Test your net with Netalyzr
  2. Re:Wow... by AVee · · Score: 4, Informative

    And according to TrendMicro 'someone' make rather heavy use of the diginotar certificates on ~40 different networks in Iran: http://blog.trendmicro.com/diginotar-iranians-the-real-target