An exploit that enabled hackers to request the certificates was a very sophisticated one, according to Comodo, the root certificate authority (CA) whose partner issued the certificates. It may even point to attackers sponsored by a nation. Comodo is one of the largest Internet firms that register and administer SSL certificates.
Although there was no actual use of any of the purloined certificates to violate any of the sites that were targeted, the event is disturbing.
“March 15, 2011, a Comodo affiliate RA [registration authority] was compromised resulting in the fraudulent issue of nine SSL certificates to sites in 7 domains,” said a post to a Comodo blog Wednesday.
“Although the compromise was detected within hours and the certificates’ validity revoked immediately, the attack and the suspected motivation require urgent attention of the entire security field,” the post continued.