Tuesday, April 5, 2011

Fraudulent Comodo Digital Certificates Affect Multiple Services

Earlier today news was made public regarding nine fraudulent digital certificates which were issued by a company named Comodo. The certificates were issued through a breached registration authority (RA), causing the applicant to be improperly verified. Mozilla, Google, and Microsoft (major browser vendors) have updated their applications, or put out patches, in order to block the certificates from being used. The certificates have already been revoked as of last week.
To provide a little background, browsers include a list of certificates which are 'blacklisted'. These certificates are ones which have been compromised through some method and no longer validate the authenticity of the person using it. Since they were reported as 'compromised', the browser vendors ship a patch, or updated version of the browser itself, which recognizes these certificates and blocks them from being used.
Users who don't use updated browsers or patched machines may be lead to malicious Web sites which are able to prove their fake identity. For example, someone with a stolen certificate for 'Company X' will be able to host a site wherever he wanted to telling people that he was indeed 'Company X'.
Why does it matter?
If we look at the list of certificates which are involved in this incident, we see a lot of legitimate and popular services being targeted, including but not limited to Google, Google Mail, Yahoo!, Microsoft Hotmail/Live Mail, and Mozilla add-ons.
The first theory which comes to mind is that the person behind the compromise wanted to somehow get credentials, and subsequent access, to mail and other communication accounts. According to this report from Comodo, the attack originated in Iran. The same article goes on to speculate that the perpetrators of this attack may have been state sponsored. While we don't have any information which could either support or dismiss this information, the incident reminds us of the issue which took place earlier this year in Tunisia where, allegedly, some entity was stealing its users' credentials. The Mozilla add-ons could have been targeted here to prevent usage of add-ons which circumvent censorship filters at the country's network perimeter. Anyway, I digress.
For end users, the key here is to somehow get alerted if they visit a Web site which isn't who it claims to be, using these stolen certificates. There are two ways by which certificates are revoked - Certificate Revocation List (CRL)and Online Certificate Status Protocol (OCSP).
If this incident is indeed state sponsored, then the revocation process has a few gaps to overcome. For CRL and OCSP to work effectively, there is a dependency on the network itself. OCSP requires a query to be sent to an authority, to check on the status of a certificate being used on a Web site. A similar process goes for the CRL method. A CRL is most effective when a computer has checked for the latest published CRL. Both techniques rely on the machine having accessibility to the revoking authority. If a state, any state, is behind such an attack, they can easily make changes to the network such that access to the revocation lists are blocked. Once that is done, the users wouldn't know that they are dealing with a impersonated Web site. Users affected by such a state-sponsored attack wouldn't even know about it.
Thus, to help mitigate scenarios where a system may not be able to reach revocation lists when presented with a fraudulent certificate, Mozilla, Google, and Microsoft have shipped updates that will locally recognize the fraudulent certificates without needing to query the CRL or OCSP.
At this point, we urge all users to update their browsers to the latest version, and make certain that they have this patch installed on Windows machines. The issue affects all operating systems and all browsers.
- Posted by Vikram Thakur, Symantec