As the Dutch government is reportedly preparing a complaint against Iran, there is now an individual who claims to have broken into DigiNotar and issued 531 fake certificates. He says he is in control of four more CAs and hinted that he will not stop now. The hack may not have been targeted at Iran after all, but there is still a political motive that is directed against the Dutch government.
Security researchers from F-Secure were first to notice ComodoHacker’s updated Pastebin page, which delivers some clues about the DigiNotar hack. ComodoHacker, who created fake certificates back in March, also with an origin that pointed to Iran, said that not an “Army” in Iran, but he as a 21-year old individual penetrated DigNotar 5-6 layers deep and “owned” their entire computer network. He published DigiNotar’s administrator password as evidence that he breached the company’s network. DigiNotar has not replied to our request to either confirm or deny ComodoHacker’s claims.
ComodoHacker says that he has also access to four more Certficate Authorities (CAs) and he is able to issue certificates as he desires. He also claims that he can send out Windows Update messages in Microsoft’s name. To proof his point, he is offering Microsoft’s Windows Calculator for download that is signed with a Google Certificate.
There appears to be still a political motivation behind the hack, as the hacker says that the attack is directed at the Dutch government in retaliation for the July 1995 events in Srebrenica, Bosnia. Back then, 110 Dutch peacekeeping troops were stationed to protect the Muslim population of the town, but were overrun by Serbs who committed what is now know as the Srebrenica massacre or genocide, in which between more than 8000 people have been slaughtered. The Dutch Peacekeepers reportedly were lightly armored and accepted rapes and killings that took place close by. Following a report on the events in Srebrenica, the Dutch government accepted partial responsibility for the massacre and the cabinet resigned 2002.
Pastebin Screenshot
ComodoHacker directly refers to the events in Srebrenica: “Dutch government is paying what they did 16 years ago about Srebrenica, you don’t have any more e-Government huh? You turned to age of papers and photocopy machines and hand signatures and seals? Oh, sorry! But have you ever thought about Srebrenica? 8000 for 30? Unforgivable… Never!” […] “I heard also that Dutch government tries to gather documents and make a compliment against Iran, really? Shame on you man! Have you been in court for Srebrenica? Who should file compliment for Srebrenica? You should pay, these are consequences of Srebrenica, just know it! This is consequence of fighting with Islam and Muslims in your parliament.”
He claims that his actions affected the Dutch government as government services had to be shut down and DigiNotar has been virtually deleted as a trustworthy CA authority globally.
Kurt Bakke in Products on September 06
No comments:
Post a Comment