04:03 PM

Comodo Hack Highlights Chinks In Net Infrastructure

The certificate authority's issuance of valid certs to a supposedly Iranian hacker causes experts to question the capability of the certificate infrastructure to respond to attacks

A self-described 21-year-old Iranian hacker's ability to get high-value security certificates issued by Comodo might have little impact on the security of most companies and consumers. Yet the reverberations will certainly be felt throughout the Internet's infrastructure, security experts say.

On Tuesday, Comodo CTO Robin Alden acknowledged that two other registration authorities -- the companies that vet certificate requests on a CA's behalf -- had also been compromised. Like the original company, InstantSSL.it (part of GlobalTrust), the two registration authorities had their privileges suspended by Comodo, which has already worked with browser makers to revoke the fraudulent certificates.

Together with the recent attack on security firm RSA, which warned earlier this month that its systems had been breached and that the stolen information could weaken SecurID, its widely used one-time-password technology, the Comodo scam highlights major problems with the underpinnings of Internet security, says Anup Ghosh, founder and chief scientist at browser security firm Invincea.

"In the context of RSA and in the context of Comodo, what you are looking at are attacks against fundamental security infrastructure," Ghosh says. "What this attack illustrates is that the faith in that foundation has been shaken."

The attack calls into question the ability of certificate authorities to accurately check the identity of persons requesting a certificate. The Comodo hacker requested certificates for major domains, such as Microsoft's Live and Google's Gmail, almost guaranteeing that the requests would be noticed, says Paul Mutton, security researcher with network monitoring firm Netcraft.

"The attacker has gone after what looks like the weaker points of the security chain here," Mutton says. "It makes you wonder, if it wasn't a high-value target ... would it have been noticed? Are there already certificates out there that have been fraudulently obtained and haven't been detected?"

The hacker has published five posts on Pastebin regarding the attack, claiming to have breached a registration authority's security through an SQL injection attack. He then expanded his beachhead on the server by exploiting a privilege escalation flaw. The attacker offered the private key to the fraudulently obtained Mozilla certificate as proof of his claims. Several researchers have already confirmed that the private key is valid.

"It took me time, I hacked a lot of resellers, but I found out that most of the CAs verify customers in their own way," the attacker wrote. "After a lot of research and talking as a customer to CAs, I found out there is possible potential in Comodo, I saw resellers can't verify customers, but Comodo partners can."

To its credit, Comodo took immediate steps to revoke certificates. The company discovered that two other registration authorities (RAs) were also compromised.

"We are rolling out improved authentication for all RA accounts," Robin Alden, Comodo's chief technology officer, wrote in a post on Tuesday on mozilla.dev.security.policy. "We are implementing both IP address restriction and hardware-based two-factor authentication."

The company plans to manually verify all requested certificates until the new security measures are rolled out, according to Alden.

While the attacker's ability to succeed is disturbing, the problems in revoking the certificates -- and in showing that revocation to the user through effective user-interface design -- are, perhaps, more threatening. The Online Certificate Status Protocol (OCSP), which lets a browser ask the CA in real time whether a certificate has been revoked, fails nearly invisibly in Microsoft's Internet Explorer when the check cannot be completed, and without any significant warning in Mozilla's Firefox, according to Adam Langley, a security engineer at Google.

"If the attacker is close to the user (say, on a cafe's wireless network), then they can only attack a smaller number of users, but they can intercept traffic to the CA and thus defeat revocation," Langley wrote on his blog.

It's an assertion with which the ComodoHacker seems to agree.

"I reversed the protocol, re-wrote response, created a code which returned my fake OCSP response, so [that the] browser never thinks certificates are revoked," he wrote in an e-mail interview with DarkReading. "OCSP protocol is useless."

One solution to the revocation problem is to stop doing it altogether, Langley says. Instead, companies could use certificates that are valid for only a few days; rather than revoking a bad certificate, they would simply stop renewing it.

"Clients wouldn't have to perform revocation checks, which are very complex and slow, CAs wouldn't have to pay for massive, DDoS-proof serving capacity, and revocation would actually work," Google's Langley writes.
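The three client-side policies the article contrasts, modelled as an added example in Python (this is not code from the article, from any browser, or from Comodo): OCSP soft-fail as described above, OCSP hard-fail, and Langley's short-lived-certificate alternative. The certificate dates, the seven-day `max_lifetime` and the attack scenario are constructed assumptions.

```python
# Added example: three revocation policies evaluated against a constructed
# fraudulent certificate. Not the article's or any vendor's code.
from dataclasses import dataclass
from datetime import datetime, timedelta, timezone
from enum import Enum


class OcspStatus(Enum):
    GOOD = "good"
    REVOKED = "revoked"
    UNAVAILABLE = "unavailable"  # responder unreachable or response unusable


@dataclass(frozen=True)
class Cert:
    subject: str
    not_before: datetime
    not_after: datetime


def soft_fail(cert, status, now):
    """Browser behaviour the article describes: an unavailable OCSP answer is
    treated like 'good', so an attacker who blocks the check wins."""
    return status != OcspStatus.REVOKED


def hard_fail(cert, status, now):
    """Accept only on a positive 'good' answer. Blocking the check now fails
    closed, but a responder outage breaks every site using that CA."""
    return status == OcspStatus.GOOD


def short_lived(cert, status, now, max_lifetime=timedelta(days=7)):
    """Langley's alternative: no revocation check at all. Accept only certs
    whose entire validity window is short and that are valid right now; a
    bad cert dies when the CA stops renewing it. OCSP status is ignored."""
    lifetime = cert.not_after - cert.not_before
    return lifetime <= max_lifetime and cert.not_before <= now <= cert.not_after


# Constructed sample data (assumed dates, not the real certificates).
UTC = timezone.utc
FRAUD_CERT = Cert("mail.example.com",               # one-year cert
                  datetime(2011, 3, 15, tzinfo=UTC),
                  datetime(2012, 3, 15, tzinfo=UTC))
SHORT_CERT = Cert("mail.example.com",               # three-day cert
                  datetime(2011, 3, 15, tzinfo=UTC),
                  datetime(2011, 3, 18, tzinfo=UTC))
EARLY_NOW = datetime(2011, 3, 16, tzinfo=UTC)       # before anyone noticed
ATTACK_NOW = datetime(2011, 3, 25, tzinfo=UTC)      # after revocation, OCSP blocked
```

Run the policies with `OcspStatus.UNAVAILABLE` at `ATTACK_NOW` to see the difference: soft-fail still accepts the revoked one-year certificate, hard-fail rejects it, and the short-lived policy rejects it without consulting OCSP at all.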
