The Dutch government has taken control of DigiNotar after preliminary investigations showed that the company’s negligence could have led to hacking and fraudulent use of its certificates.
DigiNotar is a Dutch company that provides digital Internet security certificates known as SSL certificates.
Last week, Web browsers Chrome, Mozilla and Internet Explorer blocked Internet security certificates issued by the Dutch company after it was revealed that an "intrusion" into the company’s Certificate Authority infrastructure led to cyber snooping on Google users in Iran.
DigiNotar said that an "intrusion" resulted in the "fraudulent issuance of public key certificate requests for a number of domains, including Google.com."
"At that time, an external security audit concluded that all fraudulently issued certificates were revoked," DigiNotar said.
"Recently, it was discovered that at least one fraudulent certificate had not been revoked at the time."
"After being notified by Dutch government organization Govcert, DigiNotar took immediate action and revoked the fraudulent certificate," the company said.
It is believed that the stolen Web security certificates from DigiNotar were used to spy on 300,000 Iranian Google email accounts. Close to 300,000 unique IP addresses from Iran requested access to Google.com using a rogue certificate issued by Dutch digital certificate authority DigiNotar, according to an interim report by security firm, Fox-IT, released on Monday.
The rogue certificates were issued on 10 July by DigiNotar, and finally revoked on 29 August.
The report said that DigiNotar used weak passwords, did not update its software on public servers and had no antivirus protection on internal servers. DigiNotar has also been accused of being slow to disclose a hacking incident which is susspected to have been supported by the Iranian government.
Relations between Iran and the Netherlands deteriorated early this year when a Dutch-Iranian woman was hanged in Iran in January and buried without her relatives being present. She had been arrested after taking part in demonstrations and accused of drug smuggling.
In April, the Iranian embassy in the Hague criticised the Dutch government after an Iranian asylum seeker who was being extradited set himself on fire in Amsterdam and died.
Meanwhile, a statement on Pastebin by a hacker claims that a single hacker, and not the Iranian government, was involved in the DigiNotar hack. The statment warns of similar data thefts as well.
The statement read: "World is shocked just by my Comodo and DigiNotar hack, what would happen if I show my other skills in cryptography, cryptanalysis, binary analysis (assessment), reversing, kernel programming, other high profiles servers I hacked and extracted all needed information from them, etc. etc. Ohhh! May they change internet model, hahahahaaaaa"
"P.S.S. never forget, I’m just 21, you have to see much more from me!"
"By the way, I heard that Comodo CEO (poor Melih) have talked again and said it was again State sponsored and I’m not a single hacker bla bla… Dear Melih, please wake up, I’m the only hacker, just I have shared some certs with some people in Iran, that’s all… Hacker is single, just know it."
