LinkBack URL
About LinkBacks
Reply With QuoteAll ComodHacker's messages: ComodoHacker's Pastebin - Pastebin.com
Late last month "security firm Fox-IT was called in to analyse the sequence of events at DigiNotar". The company issued a technical statement on 5 September (http://www.diginotar.nl/Portals/7/Pe...ip%20v1.0a.pdf)
and the matter hit the headlines on 6 September:
"Iranians hit in email hack attack" BBC News - Iranians hit in email hack attack The following message left on pastebin (Striking Back... - Pastebin.com)
Essentialy alot of fake certificates were granted that would alow a person or persons to track Iranian net traffick, twitter and such like. DigiNotar normaly issues these cerificates and was hacked.
It then emerged that this was not first attempt; "On 19 July, Dutch CA DigiNotar detected an unauthorised intrusion into its systems." (BBC News - Fake DigiNotar web certificate risk to Iranians)
This time the message left on one of the certicates was:
"Of particular note is this certificate:
CN=*.RamzShekaneBozorg.com,SN=PK000229200006593,OU =Sare Toro Ham Mishkanam,L=Tehran,O=Hameye Ramzaro Mishkanam,C=IR"
The analyst interprets this as:
"Thanks to an anonymous Farsi speaker, I now understand that the above certificate is actually a comment to anyone who bothers to read between the lines:
"RamzShekaneBozorg" is "great cracker"
"Hameyeh Ramzaro Mishkanam" translates to "I will crack all encryption"
"Sare Toro Ham Mishkanam" translates to "i hate/break your head""
Another pastebin message among other stuff says "a) I'm single person, do not AGAIN try to make an ARMY out of me in Iran. If someone in Iran used certs I have generated, I'm not one who should explain."
So today, due to information in first message ("I still have access: GlobalSign") GlobalSign has stopped issuing cerificates; BBC News - GlobalSign stops secure certificates after hack claim
It is reported that he also says: "Dutch government is paying what they did 16 years ago about Srebrenica, you don't have any more e-Government huh?"
To summarise then: We have a farsi speaker, who claims to be a 'single person' elsewhere claims to be 21 etc (ie. 4 at the time of Srebrenica), speaks fluent English, can hack to a level barely below national security standards and whose sole accomplishment for this work was to comprimise the privacy of Iranian peoples web traffic... presumably the water fights are a serious threat!
Last edited by snapper; 07 Sep 11, at 15:56.
All ComodHacker's messages: ComodoHacker's Pastebin - Pastebin.com
Stuxnet 3 hits Iran (Duqu):
"IRAN says its defence computer systems have been infected with a ''supervirus'' similar to the one believed to have been created by Israel that severely damaged Tehran's nuclear program last year.
Anti-virus experts have identified a virus called Duqu that they say shares properties with the Stuxnet worm apparently created by Mossad, the Israeli security service. It was thought to have targeted the nuclear program's centrifuges, the devices that enrich uranium to create nuclear fuel.
It was not clear from the Iranian statement whether Duqu had also struck nuclear facilities, but it was the regime's first admission of damage."
Read more: Virus hits Iran's defence network
Of course the assumption here that Stuxnet was an Israeli attack is not proved and actualy dubious.
Last edited by snapper; 15 Nov 11, at 18:59.
There are currently 1 users browsing this thread. (0 members and 1 guests)
Posting Permissions
Share this thread with friends: