Skip to main content

Iranian Hacker Claims Responsibility For Fake SSL Certificates

An Iranian hacker has apparently claimed responsibility for the recent SSL certificates attack, which saw fake digital certificates being issued for websites like Google, Skype and Windows Live.

The hacker, who claims he was acting alone, said that the attack was revenge for the Stuxnet virus attack on Israel's nuclear power plants. Stuxnet was reportedly a state-sponsored attack to dismantle Iran's nuclear capabilities.

Online security certification firm Comodo had suffered a massive security breach after the hacker issued 9 SSL certificates for popular websites. SSL certificates, denoted by a padlock sign next to the web address on a browser, allow websites and users' computers to share encrypted information, which is inaccessible to a third party.

The fake certificates were aimed at compromising the security of web users and cause a loss of trust in such websites.

In a boastful message posted on code sharing site PasteBin, the hacker said, “When USA and Israel creates Stuxnet, nobody talks about it, nobody blamed, nothing happened at all, so when I sign certificates nothing should happen, I say that, when I sign certificates nothing should happen.”

“If you was doing a dirty business in internet inside Iran, I suggest you to quit your job, listen to sound of most of people of Iran, otherwise you'll be in a big trouble, also you can leave digital world and return to using abacus,” he warned.