The hacker behind the DigiNotar certificate authentication theft in August has been revealed as the Iranian Comodo Hacker after he admitted to the theft in a blog post.
Comodo Hacker hit the headlines in March when he hacked the Comodo system and stole nine SSL certificates. The company believed initially that the attack originated from the Iranian government, but it now seems to have been the action of one individual.
In the latest post, entitled Striking Back, the hacker declined to disclose how he perpetrated the attack on DigiNotar, but listed a series of systems he had managed to infiltrate to brag of his prowess.
"I'll talk technical details of hack later. How I got access to six layer network behind internet servers of DigiNotar, how I found passwords, how I got system privilege in fully patched and up-to-date system," he said.
"How I bypassed their nCipher NetHSM, their hardware keys, their RSA certificate manager, how I got full remote desktop connection when there was firewalls that blocked all ports except 80 and 443."
Comodo Hacker also claimed that he has certificate authority (CA) codes from other companies, again boasting of his skills in gaining this information.
"You know, I have access to four more HIGH profile CAs, which I can issue certs from them too which I will. I won't name them," he wrote.
"I also had access to StartCom CA, I hacked their server too with sophisticated methods. He was lucky by being sitted in front of HSM [hardware security module] for signing, I will name just one more which I still have access: GlobalSign."
F-Secure chief research officer Mikko Hyppönen said in a blog post that the revelation was not a huge surprise.
"Almost from the beginning of the DigiNotar CA disaster we had a reason to believe the case was connected to ComodoGate, the hacking of another CA earlier this year by an Iranian attacker," he said.