September 6, 2011
‘Comodohacker’ Claims Responsibility For DigiNotar Hack
A hacker known as the "Comodohacker" has claimed responsibility for attacking a Dutch company that issues security certificates for websites.
The hacker claimed responsibility for the attack and posted a warning on Pastebin under the handle "Comodohacker" that he would "strike back again."
Comodohacker says he is a 21-year-old Iranian student, while some suspect he could be Turkish.
He said on Monday that he breached DigiNotar in order to punish the Dutch government for actions of its soldiers in Srebrenica, where 8,000 Muslims were killed by Serbian forces in 1995 during the Bosnian War.
Over 500 fraudulent SSL certificates were issued by DigiNotar after its systems were breached.
The attack on DigiNotar, a Dutch subsidiary of VASCO Data Security International Inc., is much more serious than previously thought. Once Comodohacker gained access to the network and infrastructure of several of DigiNotar´s CAs, they generated hundreds of forged certificates for third-party domains.
Comodohacker said he still has access to four "high-profile" CAs and retains the ability to issue new rogue certificates, including code signing certificates.