Social Media/Management

Google detects fake SSL certificates for some of its domains

Management CBR Staff Writer

13:12, December 11 2013

Fake certificate would be used to spoof content, carryout phishing attacks, as well perform man-in-the-middle attacks.

Google has found a cluster of unauthorised Secure Sockets Layer (SSL) certificates for some of its own domains, which were reportedly issued by an intermediate certificate authority (CA) that linked back to French certificate authority ANSSI.

Reports revealed that the fake certificate would be used to spoof content, carryout phishing attacks, as well perform man-in-the-middle attacks.

Google said in a statement that it found the certificate was issued by an intermediate certificate authority (CA) linking back to ANSSI, a French certificate authority.

"Intermediate CA certificates carry the full authority of the CA, so anyone who has one can use it to create a certificate for any website they wish to impersonate," the search major said.

"ANSSI has found that the intermediate CA certificate was used in a commercial device, on a private network, to inspect encrypted traffic with the knowledge of the users on that network."

Consequently, Google blocked the certificate in its Chrome browser, and then informed other browsers, and referred the issue to the French body.

ANSSI said in a statement that as a result of a human error which was made during a process aimed at strengthening the overall IT security of the French Ministry of Finance, digital certificates related to third-party domains which do not belong to the French administration have been signed by a certification authority of the DGTrésor (Treasury) which is attached to the IGC/A.

"The mistake has had no consequences on the overall network security, either for the French administration or the general public," the agency said.

"The aforementioned branch of the IGC/A has been revoked preventively."

Microsoft also revealed that it is aware of an improperly issued subordinate CA certificate and warned that the issue affects all supported releases of its Windows operating system.

Microsoft said in a statement that the improperly issued subordinate CA certificate has been misused to issue SSL certificates for multiple sites, including Google web properties.

"These SSL certificates could be used to spoof content, perform phishing attacks, or perform man-in-the-middle attacks against several Google web properties," the software major added.

"The subordinate CA certificate may also have been used to issue certificates for other, currently unknown sites, which could be subject to similar attacks."

Comments

Post a comment

Comments may be moderated for spam, obscenities or defamation.