The alleged hacker of Comodo stepped forward this weekend to explain how he generated bogus SSL certificates for login.skype.com, mail.google.com, login.live.com and other popular internet websites.
His story is that he was able to compromise Comodo’s partner GlobalTrust.it and InstantSSL.it. Both sites are currently “under construction.”
He brags how he decided to bring down the SSL root certificate system and began by attacking the RSA algorithm, but when he found the vulnerabilities in these websites he decided on that approach.
On that point I would have to agree with him, as hacking the RSA algorithm seems a significantly more difficult challenge, but the text of his “manifesto” is so full of bravado it is difficult to even read.
While he is Iranian, he claims no association with the “Iranian Cyber Army” and insists he is simply a hacker with a 1000 times the knowledge and experience as everyone else…
While investigating how he might compromise a Certificate Authority (CA) he stumbled upon InstantSSL.it and their use of a DLL on their site used to submit Certificate Signing Requests (CSRs) for immediate signing by the CA.
Upon disassembling this DLL, he discovered a plain text username and password used as part of the CSR submission process, allowing him to submit any CSR he wished to be signed by Comodo and instantly retrieve the signed certificate.
Initially it was unclear if this guy was for real, and of course it is still impossible to tell. He did post some of the source from TrustDLL.dll to pastebin, including the parts used for authentication that stored the unencrypted password.
Once again we come back to insecure passwords and password handling techniques. Fortunately the impact of this incident is quite small and may be a wake-up call for the certificate industry as a whole.
As Mozilla pointed out in a blog post, the practice of directly signing certificates with the root certificate, as Comodo had been doing, is really bad practice.
The one remaining mystery is this: If it was a lone hacker making a point, why issue certificates for these specific websites, all related to secure communication methods often used by dissidents to organize protests and share news with the world? His ramblings certainly show his support for Mahmoud Ahmadinejad and the current Iranian regime, but there are no conclusive ties to his government.
You have to be f***g kidding me. The only verification that this site used was a username and password that was HARD CODED into a DLL that was given to users? I don’t believe they would be this stupid.
If not signed by root certificate how SHOULD it be signed?
An intermediate certificate. The idea is if the root certificate were compromised it would require invalidating all certificates issued by the root. By subdividing the authority, in an emergency you only invalidate a subset.
Actually Comodo should be able to revoke the RA certificate in the chain for InstantSSL.it, if they haven't done so already. Nasty impact, but InstantSSL.it was owned. Comodo's own root certificate would not be affected.
They can't because they were signing all the certificates by the root. This is a major problem and hopefully in the future Comodo will resolve this issue. All RAs should have intermediate certificates….
Nasty! The resellers I knew of, had their RA certs issued from the UTN-UserFirst-Hardware CA . If that needs to be revoked, much bigger impact. This just keeps getting worse. Thanks for the updates!
They aren't talking about revoking the certificate because they think they have identified the bogus certs. Hopefully that is true and remains the case.
Chester: Have you ever looked at a Comodo-issued certificate? They've been one of the few CAs who have *always* used intermediates, and *never* signed from a root.
I used to by from RapidSSL because they did sign from the root and Comodo didn't.
I'd do some proper research, if I were you.
We should confess that attack was so advanced and he did what he wanted to do: "Breaking SSL", what's countermeasures for future?
thank you for making a difficult concept to understand more understandable. He still would have to phish someone to go to the fraudulent site correct? or do a blackhat seo technique to get the user to click on the link?
Comodo should be put out of business.
How many times should Comodo fall on their face only to keep issuing certificiates? Look at their track record, it's embarassing.
If this amateur attack on them was succesful, I'd hate to see what skilled technicians could do.
Comodo is a joke and needs to go away.
Hacker just sent another update, see: http://pastebin.com/CvGXyfiJ
I'm curious how he even got a copy of the dll. Most web servers are configured to only allow execution on dll files. Downloading the dll isn't allowed.
No Alex, "all" you need to do is control the network of your targets: be it an Internet cafe or ISP inside a nation state (or replace your targets DSL routers with ones that have some special modifications). If you control the network, you can control the DNS, and thus point your targets to any IP address you desire when they try to go to mail.google.com, etc. Game over.
He's hardly brought down the SSL root certificate system has he or broken "SSL"? He's clearly hacked an SSL reseller and fraudulently issued some certificates which were promptly revoked . I should imagine this has (hopefully) been a serious wake up call to SSL Authorities to tighten up their security.