By
updated 3/28/2011 6:13:59 PM ET 2011-03-28T22:13:59

An Iranian hacker is claiming responsibility for stealing security certificates last week from some of the Internet’s biggest websites, including Google, Yahoo, Microsoft and Skype.

The hacker, writing on pastebin.com, said he was able to compromise GlobalTrust.it and InstantSSL.it, both partners of Comodo, the New Jersey-based firm that issues Secure Sockets Layer (SSL) encryption certificates to websites. Security certificates are meant to verify a website's identity to the end user.

On March 23, nine SSL certificates that could be used to gain unauthorized access to sensitive info were stolen from Comodo; the attack was traced back to an IP address in Iran. Initially, Comodo and other security experts believed the attack was performed by a group of Iranian hackers, possibly the Iranian Cyber Army, which last month attacked the Voice of America website.

On pastebin.com, the hacker boasted in broken English that he perpetrated the high-profile hack alone.

"I’m not a group of hacker, I’m a single hacker with experience of 1,000 hackers, I’m a single programmer with experience of 1,000 programmers, I’m single planner/project manager with experience of 1,000 project managers, so you are right, it’s managed by a group of hackers, but it was only I with experience of 1,000 hackers."

The hacker, who said he is 21, promised to unleash further attacks against enemies of Iran.

"My message to people who have problem with Islamic Republic of Iran, SSL and RSA certificates are broken, I did it one time, make sure I’ll do it again, but this time nobody will notice it," he wrote. "If you was doing a dirty business in (internet) inside Iran, I suggest you to quit your job, listen to sound of most of people of Iran, otherwise you’ll be in a big trouble, also you can leave digital world and return to using abacus."

It’s still not clear whether the writer was truly behind the SSL hack, or even if the attack really came from Iran. Internet Protocol (IP) addresses are easy to spoof, and any good hacker covers his tracks.

Following the disclosure of the fraudulent SSL certificates, Microsoft Internet Explorer, Google Chrome and Mozilla Firefox all issued security patches to prevent their Web browsers from being exploited.

© 2012 SecurityNewsDaily. All rights reserved

Discuss:

Discussion comments

,

Most active discussions

  1. votes comments
  2. votes comments
  3. votes comments
  4. votes comments