Intrusion into Dutch SSL provider led to cyber snooping
Chrome, Mozilla and Internet Explorer have reportedly blocked Internet security certificates issued by Dutch company DigiNotar, after the company said an "intrusion" into its Certificate Authority infrastructure led to cyber snooping on Google users.
DigiNotar said that its has revoked the "fraudulent certificate" which was used by hackers to snoop on users in Iran.
DigiNotar issues digital Internet security certificates known as SSL certificates primarily to businesses in the Netherlands.
A Web user in Iran first reported the forgery.
DigiNotar said that an "intrusion" resulted in the "fraudulent issuance of public key certificate requests for a number of domains, including Google.com."
"At that time, an external security audit concluded that all fraudulently issued certificates were revoked," DigiNotar said.
"Recently, it was discovered that at least one fraudulent certificate had not been revoked at the time.
"After being notified by Dutch government organization Govcert, DigiNotar took immediate action and revoked the fraudulent certificate," it said.
Google said in a blog that it has "received reports of attempted SSL man-in-the-middle (MITM) attacks against Google users, whereby someone tried to get between them and encrypted Google services."
"The people affected were primarily located in Iran. The attacker used a fraudulent SSL certificate issued by DigiNotar, a root certificate authority that should not issue certificates for Google (and has since revoked it).
"Google Chrome users were protected from this attack because Chrome was able to detect the fraudulent certificate," said Google.
The company added, "To further protect the safety and privacy of our users, we plan to disable the DigiNotar certificate authority in Chrome while investigations continue. Mozilla also moved quickly to protect its users. This means that Chrome and Firefox users will receive alerts if they try to visit websites that use DigiNotar certificates. Microsoft also has taken prompt action."
"To help deter unwanted surveillance, we recommend that users, especially those in Iran, keep their web browsers and operating systems up to date and pay attention to web browser security warnings."