GlobalSign CA Stopped SSL Business, More CA Compromised

The famous ComodoHacker who hacks into DigiNotar CA (Certificate Authority) had already revealed that four more CA were compromised including GlobalSign. GlobalSign were forced to stop the SSL certificate business in order to prevent the risk of getting the entire CA removed from the Trusted Authority just like DigiNotar.

GlobalSign is like one of the top 5 CA in the world according to NetCraft and surely they cannot afford to take the risk of being compromised. They are currently still investigating this issue as they are not too sure what had been compromised or whether they were actually compromised or not.

GlobalSign (I have access to their entire server, got DB backups, their linux / tar gzipped and downloaded, I even have private key of their OWN globalsign.com domain, hahahaa)

-ComodoHacker

The pastebin submission from ComodoHacker claims that he had the private of their own globalsign.com domain. He claim to be the person behind the hack of DigiNotar CA and the previously compromised Comodo RA where nine fraudulent SSL certificates were issued at that time.

Apart from the three CA mentioned, StartCom CA was also compromised but not good enough because he could not get his certificate signing request approved due to the CEO was doing some verification at the HSM. However, he claimed that he already had the database hacked and got all the email contacts.

StartCom was lucky enough, I already connected to their HSM, got access to their HSM, sent my request, but lucky Eddy (CEO) was sitting behind HSM and was doing manual verification.

- ComodoHacker

In the latest pastebin, he do mentioned that he had three more CA were compromised and to be announced soon. Who are the three CA? Verisign and Comodo involved? Or it is just a rumor? ComodoHacker seems to be interested with the position of king of internet where really wanted to rule the internet.

Talking back to the compromised CA especially GlobalSign, it is good that actions such as stopping their business temporarily is a good move. Whenever there is an unsure attack, actions should be taken to investigate further so that there is a 100% assurance of what is going on. For a big security company such as CA company, small chances should not be taken as well.

Do join and like my Facebook page to get the latest update on this issue.

Related Posts:

Sign-up To My Newsletter And Get A Free eBook

  • Build your own security now in 10 simple steps

  • Comes together with 15 tips on how to stay online safely

  • You will also receive tips on how to stay secure on the latest deadly threats
Filed Under: News Tagged With: , , , , , ,
About Alan Tay

I am a Software Engineer who works for a Security Firm in Malaysia. Spend most of my time gathering information about security so that I can blog about them here. Owner and founder of IT Security Column.

Speak Your Mind

*

CommentLuv badge