In order to prove his identity, the person claiming to have hacked Comodo published the private key of his forged certificates. I've verified that the key is valid. This post describes how.
Showing posts with label comodogate. Show all posts
Monday, March 28, 2011
Interview with ComodoHacker
I had an e-mail exchange with the ComodoHacker. The original was one e-mail request, followed by an e-mail response. I've interleaved the two, but otherwise I haven't edited the questions/answers. Original statements from him are posts at http://pastebin.com/u/ComodoHacker. Note that I've verified the private key matches the public key, so this is the hacker (beyond a reasonable doubt).
Sunday, March 27, 2011
The Comodo hacker releases his manifesto
Somebody claiming to be the "Comodo hacker" has released a statement here http://pastebin.com/74KXCaEZ, decompiled code here http://pastebin.com/DBDqm6Km, and account database here http://pastebin.com/CvGXyfiJ. As a pentester who does attacks similar to what the ComodoHacker did, I find it credible. I find it probable that (1) this is the guy, (2) he acted alone, (3) he is Iranian, (4) he's patriotic but not political.
Wednesday, March 23, 2011
No reason to believe Comodo attack came from Iranian Government
At the bottom of the recent Comodo advisory is this line:
All of the above leads us to one conclusion only:- that this was likely to be a state-driven attack.
This is not the only logical conclusion.
