A dodgy digital certificate issued by Dutch outfit DigiNotar has left 300,000 Iranian Internet users with their digital pants around their virtual ankles.
The 300,000 unique IP addresses were logged requesting access to google.com using the rogue certificate, which was issued by DigiNotar on July 10th. The certificate was revoked on August 29th, but not before it had been used by hundreds of thousands of users, nearly all of whom are in Iran.
According to security firm Fox-IT, which was hired to investigate the compromise of the certificate, the fact that 99 per cent of the users are in Iran suggests the hack was designed to intercept private communications in the country. Whether this was done by Iranian authorities or western ones remains to be seen and is currently dependent on your political persuasion.
Users at IP addresses that reached Google with the 'rogue' certificate may have had e-mail intercepted, along with a login cookie, giving the hacker access to all Google services active on the user's account.
Google reported "attempted SSL man-in-the-middle (MITM) attacks" using the fraudulent SSL certificate on August 29th, leading to the withdrawal of the dodgy document.
Fox-IT investigators criticised DigiNotar's network setup and procedures as woefully inadequate.