Comodo RA Compromised

Comodo, one of the best-known security companies, had one of its RAs compromised. For those who are unfamiliar with PKI technology and not sure what an RA is, here is a brief explanation. RA stands for Registration Authority, and this part of the PKI is responsible for issuing digital certificates.

What happened here is that, while the RA was compromised, the attacker used it to issue fraudulent SSL certificates. SSL stands for Secure Sockets Layer, and these certificates are mainly used by web servers to provide an ‘https’ environment. Issuing these fraudulent SSL certificates means that the attacker will attempt to use them to host a malicious website.

It was quickly stated that the root keys, the intermediate CA and the security hardware were not affected. Thus, the problem is limited to the issued certificates. Comodo has already revoked all the fraudulent certificates, so they should no longer be usable. Microsoft also released a patch to include the nine SSL certificates revoked by Comodo.

This happened because one staff member’s username and password were stolen in southern Europe. The attacker used this username and password to log in and issue certificates. When the breach was identified, the attacker was still using that username to log in, and might have been interested in going after other domains and doing the same thing.

It was rumored that the attacker’s IP address was from Iran; however, this does not directly put the blame on Iran without further investigation. It is only suspected that the attacker was from there. They also added that the domains targeted “would be of greatest use to a government attempting surveillance of Internet use by dissident groups.”


About Alan Tay

This blog is owned and operated by myMediaInc. My Media operates content based online portals for IT professionals, technology managers and decision makers as well as business leaders. We publish original quality content focused in Software Development, IT Security, SaaS, Cloud Computing, Outsourcing, Project Management and Mobile and Wireless. Our mission is to explore how to help you optimize your resources in each of these areas.



  1. Carol says:

    You seem to be an expert in this field. Great article, and keep up the good work. My friend recommended this to me.

    My blog:
    credit conso et Rachat De Credit fonctionnaire

    • admin says:

      Hi Carol

      Thanks for the compliment. Unfortunately, I cannot follow your blog well as I am not good at French 😉
