
Counterfeit Google Certificate Found In The Wild, Could Hijack Gmail Accounts

August 30, 2011

Mountain View, California — Security researchers have unmasked a forged web certificate for Google.com circulating on the internet that gives attackers the means to impersonate Gmail and virtually every other Google property, according to media reports on Monday.

The bogus digital certificate was issued on July 10 to digitally sign Google pages protected by SSL, the secure sockets layer cryptographic protocol that secures communications across the Internet, and it allowed attackers to impersonate Google services and steal Google accounts, including Gmail.

The encryption keys were apparently pilfered from DigiNotar, a legitimate certification authority based in The Netherlands and owned by secure token vendor VASCO Data Security, according to reports. The forged certificate is valid for *.google.com, giving its unknown holders the means to mount transparent attacks on a wide range of Google users who access pages on networks controlled by the counterfeiters.

The certificate was revoked this morning.

Moreover, criminals could exploit the certificate to execute “man-in-the-middle” attacks targeting users of Gmail, Google’s search engine or any other service controlled by the Mountain View, Calif. company.

“This is a wildcard for any of the Google domains,” said Roel Schouwenberg, senior malware researcher with Kaspersky Lab, in an email interview Monday.

“Attackers could infect DNS, present their site with the fake cert and bingo, they have the user’s credentials,” said Andrew Storms, director of security operations at nCircle Security.

The news first emerged on a Google forum on Sunday where Iran-based user Alibo reported that when he tried to log into his Gmail account using the Google Chrome browser.

“I think my ISP or my government did this attack (because I live in Iran and you may hear something about the story of Comodo hacker!)” he wrote.

Alibo’s claim that Iranian ISPs including ParsOnline were exploiting the certificate to impersonate Gmail could not be independently confirmed. But the document he published has been verified by researchers as a valid certificate issued on July 10 by DigiNotar that digitally signs all URLs that end in Google.com.

“This CA should receive an internet death sentence as their carelessness may have resulted in deaths in Iran,” said an anonymous post which examined the certificate. “This cert was issued in JULY of 2011 and it is now just a few days before SEPTEMBER. It is being used in the wild against real people in Iran *right* now.”

This screenshot shows the warning the user reportedly got when attempting to log in to Gmail.

Moving quickly, Google and Mozilla responded to the forgery by preparing updates to Chrome, Firefox and other software programs that take the highly unusual step of disallowing all certificates issued by DigiNotar while the forgery is being investigated.

It was the second time in five months that Google was compromised by fraudulent digital certificates. The incident exposed serious vulnerabilities in the net’s foundation of trust, because in the intervening time it was possible for attackers to create convincing forgeries of trusted services that were almost impossible for people on attacker-controlled networks to detect.

Similarly, in March, hackers broke into the servers of a web-authentication authority and fabricated valid certificates for Google Mail and six other domains. It took eight days for the counterfeit credentials to be fully blocked from all major browsers, and much longer to be blacklisted from email programs.

The hack was carried out on a reseller of certificate authority Comodo, and came from servers that used an Iranian IP address for issuing fraudulent certificates for Google, Yahoo, Skype and Hotmail from Comodo. Monday’s attack appeared to be more of the same.

The offense strikes at the heart of the flawed digital certificate model. Security experts have voiced concerns about the model — which trusts more than 650 certificate authorities and all major governments to validate the security of websites.

“This is not a huge surprise,” Moxie Marlinspike, a researcher and frequent critic of the SSL system said on Monday about the discovery of the latest Google certificate forgery. “This is the kind of thing we should expect is happening all the time. The only thing noteworthy is that anyone noticed.”

“For now, if I decide that I do not trust VeriSign or Comodo or any other CA (Certificate Authority), what can I do? The very best I could do would be to remove the offending CA’s certificate from my trusted CA database, but then some large percentage of secure sites I visit would break.”

Meanwhile, Mozilla said in a statement that DigiNotar had withdrawn the fraudulent certificate, “which should protect most users,” but that it would still issue updates to its Firefox browsers. The company also posted instructions for manually disabling the DigiNotar root in Firefox.
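The two client-side checks the story turns on are the scope of a wildcard name (the *.google.com certificate described earlier) and the response described here, in which the certificate is first revoked by the CA and then its issuing root is distrusted by the browser. The following added example is not from the article or from any browser's code base; it replays those three states with a constructed certificate record whose issuer name, serial number and expiry date are invented placeholders, and with a wildcard matcher written for illustration (one label only, leftmost only, never matching a bare top-level domain).

```python
from datetime import date

# Constructed stand-in for a parsed certificate; only subject, wildcard and
# issuance date reflect what the article reports. Issuer name, serial and
# expiry are invented placeholders, not real DigiNotar or Google values.
FORGED_CERT = {
    "subject_cn": "*.google.com",
    "issuer_cn": "DigiNotar Issuing CA (constructed name)",
    "serial": "serial-placeholder-0001",
    "not_before": date(2011, 7, 10),
    "not_after": date(2013, 7, 10),  # assumed lifetime
}


def hostname_matches(pattern, hostname):
    """Return True if a certificate name covers hostname.

    A leading '*.' covers exactly one DNS label, must be the entire leftmost
    label, and must leave at least two labels after it, so '*.com' never
    matches anything. Comparison is case-insensitive; trailing dots ignored.
    """
    pattern = pattern.lower().rstrip(".")
    hostname = hostname.lower().rstrip(".")
    if not pattern.startswith("*."):
        return pattern == hostname
    suffix = pattern[2:]
    # Reject wildcards deeper in the name and bare-TLD wildcards.
    if "*" in suffix or "." not in suffix:
        return False
    head, sep, tail = hostname.partition(".")
    return bool(sep) and bool(head) and tail == suffix


def evaluate_cert(cert, hostname, today,
                  revoked_serials=frozenset(), distrusted_issuers=frozenset()):
    """Return the reasons a client should reject cert for hostname.

    An empty list means the connection would be accepted. revoked_serials
    models a CRL the client has actually fetched; distrusted_issuers models
    a root the user or vendor has disabled locally.
    """
    problems = []
    if not hostname_matches(cert["subject_cn"], hostname):
        problems.append("name mismatch")
    if not (cert["not_before"] <= today <= cert["not_after"]):
        problems.append("outside validity period")
    if cert["serial"] in revoked_serials:
        problems.append("revoked by CA")
    if cert["issuer_cn"] in distrusted_issuers:
        problems.append("issuer distrusted by client")
    return problems


def timeline():
    """Replay the three states the article describes for mail.google.com."""
    host = "mail.google.com"
    # Before revocation: name, dates and chain all look legitimate.
    before = evaluate_cert(FORGED_CERT, host, date(2011, 8, 27))
    # After the CA revoked it, but only for clients that check revocation.
    after_revocation = evaluate_cert(
        FORGED_CERT, host, date(2011, 8, 30),
        revoked_serials={FORGED_CERT["serial"]})
    # After the browser vendor disabled the issuing root outright.
    after_distrust = evaluate_cert(
        FORGED_CERT, host, date(2011, 8, 30),
        revoked_serials={FORGED_CERT["serial"]},
        distrusted_issuers={FORGED_CERT["issuer_cn"]})
    return before, after_revocation, after_distrust


if __name__ == "__main__":
    for label, result in zip(("before", "after revocation", "after distrust"),
                             timeline()):
        print(f"{label}: {result or 'accepted'}")
```

The first state is the point Marlinspike makes: with a properly issued wildcard certificate, every check a client runs passes, so a user on a hostile network sees nothing unusual. Revocation only helps clients that actually fetch the CRL or OCSP response, which is why disabling the DigiNotar root in the browser itself was the stronger measure.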

However, it is still not apparent what damage, if any, has been caused by the counterfeit digital certificate to date.