Flawed Website Certificate Validation Process Led To Comodo Hack

Published: 22/11/2024   Category: security

Certificate authority points to Iran as likely attacker, while security experts say certificate registration and validation process needs repair



Comodo's revelation yesterday that nine SSL certificates had been issued for fraudulent websites posing as domains for high-profile sites serves as a wake-up call for a certificate process that security researchers have long warned is riddled with holes.
The certificate authority (CA) reported that the certificates were issued for mail.google.com, www.google.com, login.skype.com, addons.mozilla.org, login.live.com, and "Global Trustee," plus three different ones for login.yahoo.com. Only one of the login.yahoo.com certificates was spotted as up and running on the Internet.
A certificate like this lets attackers impersonate Google, Yahoo, Skype, Microsoft, and Mozilla websites, or wage man-in-the-middle attacks to snoop on communications going through those sites, whether it's a Skype call or an instant messaging session. The Mozilla certificate could let them stand up a phony Firefox update that downloads malicious code to Firefox browsers fooled by its certified domain.
It all started with the hack of a European reseller of Comodo certificates, also known as a reseller authority (RA), which validates and issues SSL certificate requests. The attackers used stolen credentials from the RA in order to issue the rogue certificates. The phony certificates were revoked by Comodo once they were discovered. Comodo says there has been no sign of them being used since then, and that its own root keys, intermediate CAs, and hardware were not compromised. Browsers with the Online Certificate Status Protocol (OCSP) feature will automatically validate and block any of these certificates.
But security experts say revocation isn't a sure thing: The rogue certificates could still be in use, possibly in more stealthy, one-off attack scenarios. "The scary thing is that it's hard to detect if they are still out there. The attackers wouldn't leave [a certificate] sitting on the Net so that anyone could locate it: They would use it in very targeted, specific attacks against one user or a subset of users," says Mike Zusman, managing principal consultant with The Intrepidus Group, who demonstrated similar attacks nearly two years ago at DefCon.
"In my opinion, once you have one of these certs, it's easy to keep it to yourself and limit its exposure," Zusman says.
Comodo says the attack appears to be nation-state sponsored, most likely out of Iran, since the IP addresses involved in the attack were mostly from that country. That has led to the theory that Iran was using the phony certificates to spy on its citizens via Google mail, Yahoo mail, Skype, and Microsoft's Windows Live.
But the attackers also could have originated from elsewhere, using Iran as a cover, experts say. Robert Graham, CEO of Errata Security, argues that an IP address location doesn't mean much these days as a geographic clue. "It's trivially easy to find an open proxy and bounce your attack through it, proxy through an infected botnet, bounce through a Tor exit node, or use some other anonymization service," Graham said in a blog post.
It could just as well have been an attacker looking for an easy way to steal passwords over WiFi at airports and coffee shops, for instance, or someone extending penetration into an organization, whether Chinese hackers or firms that perform pen tests for federal agencies, Graham noted. "During a pen-test, we almost always pop up a DNS server or network equipment that would allow us to man-in-the-middle such sessions. Forged certificates would be an excellent way to extend those attacks."
Even Comodo admits IP spoofing could be masking the real perpetrators. "While the involvement of two IP addresses assigned to Iranian ISPs is suggestive of an origin, this may be the result of an attacker attempting to lay a false trail," blogged Phillip Hallam-Baker, vice president and principal scientist at Comodo.
Meanwhile, the attack has put the certificate authority registration process under scrutiny once again. "This is obviously a very serious case," says Mikko Hypponen, chief research officer at F-Secure. "This was obviously planned beforehand, and they were trying to do something ... whether they were successful, we do not know," he says. "I would love to see it as a wake-up call for CAs to shore up their systems, and for Web browser vendors to carefully look at what kind of CA providers they have [as trusted]."
Iran doesn't have a CA of its own, Hypponen notes, so if indeed it was behind issuing the phony certificates, this would have been the way for Iran to obtain them.
Comodo's model of leaving resellers free to issue certificates on their own without Comodo's validation left the door open for such abuse, security experts say.
"I'm not really surprised it happened, looking at how Comodo's infrastructure was working and how they basically gave resellers of their certificates a free hand," Hypponen says. "With no check-points in place to flag a Google website certificate being issued, for example, the bad guys had free rein here," he says.
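The check-point Hypponen describes is a policy gate on the CA side, not a cryptographic control. The Python script below is an added example, not Comodo's or any reseller's code, of what such a gate looks like: every issuance request coming from a reseller authority is scored before the certificate is cut, and requests for a constructed watchlist of high-value domains, requests whose domain validation step was never completed, and bursts of requests for one domain from one reseller are held for manual review or rejected instead of being auto-issued. The reseller names, timestamps and request IDs are constructed; the domain list is modelled on the names in the story.

```python
"""
Added example (not Comodo's code): a CA-side issuance policy gate that a
reseller authority (RA) cannot bypass, because it runs at the CA before
any certificate is signed.

Findings per request:
  REJECT  - domain control validation was never performed
  HOLD    - name falls under a high-value domain (manual review required)
  HOLD    - burst: too many requests for one domain from one RA in a window
"""
from collections import defaultdict
from dataclasses import dataclass
from datetime import datetime, timedelta

# Constructed watchlist: registrable domains that must never be auto-issued
# by a reseller. A real CA would maintain this list from its own risk data.
HIGH_VALUE_DOMAINS = {"google.com", "yahoo.com", "skype.com",
                      "live.com", "mozilla.org"}


@dataclass
class IssuanceRequest:
    request_id: str
    common_name: str        # requested subject name, e.g. "mail.google.com"
    reseller: str           # which RA submitted the request
    requested_at: datetime
    domain_validated: bool  # did the RA complete domain control validation?


def registrable_domain(name: str) -> str:
    """Simplified: keep the last two labels ("mail.google.com" -> "google.com").
    Production code would consult the Public Suffix List instead."""
    labels = name.lower().rstrip(".").split(".")
    return ".".join(labels[-2:])


def evaluate(requests, burst_window=timedelta(hours=1), burst_threshold=3):
    """Return {request_id: [finding, ...]}; an empty list means auto-issue is ok."""
    findings = defaultdict(list)
    recent_by_key = defaultdict(list)   # (reseller, domain) -> timestamps in window
    for req in sorted(requests, key=lambda r: r.requested_at):
        domain = registrable_domain(req.common_name)
        if not req.domain_validated:
            findings[req.request_id].append("REJECT: domain validation not performed")
        if domain in HIGH_VALUE_DOMAINS:
            findings[req.request_id].append("HOLD: high-value domain requires manual review")
        # Sliding-window burst detection per (reseller, domain).
        key = (req.reseller, domain)
        window = [t for t in recent_by_key[key] if req.requested_at - t <= burst_window]
        window.append(req.requested_at)
        recent_by_key[key] = window
        if len(window) >= burst_threshold:
            findings[req.request_id].append(
                f"HOLD: {len(window)} requests for {domain} from {req.reseller} "
                f"within {burst_window}")
        findings.setdefault(req.request_id, [])
    return dict(findings)


def decide(request_findings):
    """Collapse findings into the action the issuance pipeline takes."""
    if any(f.startswith("REJECT") for f in request_findings):
        return "REJECT"
    return "HOLD" if request_findings else "ISSUE"


# Constructed sample batch: one benign request, then a run of requests that
# mirrors the names in the story, all submitted by the same reseller account.
T0 = datetime(2011, 3, 15, 20, 0, 0)
SAMPLE_REQUESTS = [
    IssuanceRequest("r1", "shop.example.com",     "ra-eu", T0, True),
    IssuanceRequest("r2", "mail.google.com",      "ra-eu", T0 + timedelta(minutes=5), True),
    IssuanceRequest("r3", "login.yahoo.com",      "ra-eu", T0 + timedelta(minutes=10), True),
    IssuanceRequest("r4", "login.yahoo.com",      "ra-eu", T0 + timedelta(minutes=12), True),
    IssuanceRequest("r5", "login.yahoo.com",      "ra-eu", T0 + timedelta(minutes=15), True),
    IssuanceRequest("r6", "addons.mozilla.org",   "ra-eu", T0 + timedelta(minutes=20), False),
    IssuanceRequest("r7", "intranet.example.net", "ra-us", T0 + timedelta(hours=2), False),
]


def run_sample():
    """Decision per request id for the constructed batch."""
    findings = evaluate(SAMPLE_REQUESTS)
    return {rid: decide(findings[rid]) for rid in findings}


if __name__ == "__main__":
    for rid, flist in evaluate(SAMPLE_REQUESTS).items():
        print(rid, decide(flist), flist)
```

Only the benign `shop.example.com` request is auto-issued; every request touching a watchlisted domain is held regardless of what the reseller claims about validation, the third `login.yahoo.com` request also trips the burst rule, and the two requests with no validation on record are rejected outright. The point is that the decision is made by the CA from its own records, so a compromised reseller login cannot switch it off.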
"At the end of the day, a CA is only as secure as its weakest link," Intrepidus Group's Zusman says. Not even the Extended Validation SSL (EV SSL) certificate could prevent this type of attack, given the chain of trust it uses, he says. "If you do all of the domain validation you want or EV SSL, if the systems aren't patched or their Web apps have vulnerabilities, there are ways to circumvent the validation process," he says. "Owning a CA is a lucrative target."
The worst-case scenario, according to Zusman, is that there are other rogue SSL certificates out there in use and in attacks that haven't been detected. "We really don't know," he says.
In 2009 Zusman was able to hack Comodo's EV SSL validation process when a reseller had turned off the validation step, and Zusman was able to score a mozilla.com SSL certificate. At DefCon later that year, he demonstrated how he was able to obtain SSL certs from multiple CAs, including StartCom, Thawte, and LoginLive.com.
Meanwhile, Microsoft yesterday issued a security advisory on the Comodo hack and pushed out a Windows update that addresses the revoked certificates.
Users can protect themselves from falling victim to such spoofed website attacks by enabling CRL/OCSP checking in the browser, according to Sophos.