Iranian government said to be using MITM hack to spy on Gmail, other Google services

By on Aug 30, 2011 at 1:00 PM
Security August 30, 2011

Hacker groups like Anonymous and LulzSec capture the bulk of mainstream media’s attention when it comes to hackers these days, but it looks like the Iranian government may have recently pulled off an attack that trumps both hacker groups and then some. According to reports, Iranian hackers with ties to the government have managed to executive an MITM attack that compromises Google’s SSL security. An MITM attack, or Man-In-The-Middle attack, is a cyberattack that allows an attacker to covertly intercept or even modify data as it is being transmitted between two computers over the Internet. Using a certificate issued on July 10th by Dutch SSL certificate authority DigiNotar, Iranian hackers have reportedly been able to spy on communications sent via Gmail and other Google services for more than five weeks. DigiNotar revoked the compromised SSL certificate on Monday, however most browsers do not check to see if a certificate has been revoked by default. As such, Mozilla has already released an update to Firefox and Thunderbird that revokes trust for the DigiNotar certificate, and Google said it will soon release a similar update for Chrome. Apple and Microsoft have yet to address the matter publicly or state if and when we can expect updates to Safari or Internet Explorer.

Read

Tags:
, , , , , ,
23 Comments

Related Articles

  • Anonymous

    fuckin iranians

    • Anonymous

      So, the 78+ million Iranians are doing this?  Or their government?  

    • http://www.droiddoes.com/ Norm

      Doc Brown ripped off their uranium

  • http://twitter.com/RickRamey Rick Ramey

    What does this have to do with the next iPhone?

    • Me

      NEWS ALERT! There’s more to life than a phone!!  LOL

  • http://MobileGenius.wordpress.com JM

    Damn…you mean to tell me they know I asked my girlfriend for sandwhiches and some milk? Is is some BS!

  • Hugo Miramontes

    … have managed to executive an MITM…
    I think the word is “execute”?

  • Anonymous

    Source Article “The evidence that Iran was using this certificate to spy on its citizens is circumstantial at best”.

  • asahli

    Ugh. Dirty Arabs.

    • Anonymous

      Wow. Way to throw 1 billion people in your racist mentality.

    • Torontock

       You uneducated fool.. they are persian, not arab. Different language and culture. Take a history class

      • Drew

        It has nothing to do with history unless of course you’re taking that Middle Eastern Culture class. Perhaps a World Geography class will do…

      • Anonymous

        Well, probably and unfortunately, he’s American which means has little or no clue about geography outside of his immediate (city) vicinity. 

    • Ulysses Grant

      Iranians are Persians not Arabs.

  • Anonymous

    Common, this is news???  We’d all be surprised if they weren’t!!  In this day and age when EVERYTHING is hacked it’s almost impossible to stop.  We’re all doomed I tells ‘ya.

  • http://twitter.com/palfrei Peter Palfrei

    We, the people, wanted the internet so… to bear with all its goodies and baddies.

    If you need confidentiality, talk in person; it has always been the best method.

  • Anonymous

    Hah! Let them try! Google is 100% infallible!

    • Anonymous

      Infidel The Great Evil will fall at the hands of our cyber intifada.

  • Anonymous

    These Iranians should try getting jobs at The Great Evil. They would fit in perfectly with Google’s unofficial mantra of get our users info by any and all means possible and sell every bit of it for cash. Hey BGR you sure Iran isn’t a parent company of The Great Evil?

    • Anonymous

      ^Great loser^

      • Anonymous

        Why so upset dude your mom didn’t suck your dick today

  • Frz

    Iranian Hackers > Anonymous

  • Malfureon

    Meh the jews and U.S. started this code war and this man in the middle attack is peanuts when compared with what the Israelis did

blog comments powered by Disqus