Attackers behind CA hack also targeted Tor
The development team behind the Tor anonymisation network reports that twelve certificates for the domain *.torproject.org were generated during the attack on Dutch SSL certification authority DigiNotar. Six certificates for the project's domain were fraudulently issued on 18 July and six more on 20 July, even though DigiNotar says it detected the intrusion on 19 July and claims to have revoked all of the fraudulent certificates.
The Tor developers say that the security of the anonymisation network itself has not been directly compromised by the fake certificates; however, an attacker in a position to intercept traffic could have used them to impersonate the Tor web site and deliver a modified version of the Tor client to users. A forged certificate of this kind only defeats the TLS layer: the detached signatures Tor publishes for its downloads would still fail to verify on a tampered package, provided users actually check them. The Tor team complains that DigiNotar did not inform them of the incident and that they had to call the CA themselves to obtain a list of serial numbers for the fraudulent certificates. DigiNotar told the Tor team that it had long since revoked the certificates involved.
There is, however, no sign that this has actually happened: the Tor team has found no indication that the serial numbers in question appear on DigiNotar's public certificate revocation list (CRL). Interestingly, the certificates as issued were only valid for one month and expired on 19 August. The Tor developers suspect that this may be why DigiNotar deemed it unnecessary to add the certificates to the CRL. Dropping an entry once the certificate it refers to has expired is normal CRL practice (RFC 5280 permits it), but a certificate that was revoked, as DigiNotar claims, weeks before its expiry ought to have appeared on every CRL issued in between.
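To make the check the Tor team describes concrete, here is an added example (not code from the Tor project, DigiNotar or this article) that walks a DER-encoded CRL using only the Python standard library, extracts the revoked serial numbers and reports which of a given list of suspect serials are missing from it. The CRL and every serial number in it are constructed for the example and are not the DigiNotar serials; the signature field is a placeholder, so the code parses but deliberately does not verify the CRL's signature. The same membership test is what Chrome's built-in serial-number blacklist, mentioned further down, performs on the client side.

```python
"""List the serial numbers revoked by an X.509 CRL and check suspect serials
against it, using only the standard library (RFC 5280 section 5.1 layout).
Added example; not code from the Tor project, DigiNotar or the article.
The sample CRL and its serial numbers are constructed and hypothetical."""

# --- tiny DER encoder, used only to build the constructed sample CRL ---------

def _tlv(tag, content):
    """Encode one DER tag-length-value triple (short or long-form length)."""
    n = len(content)
    if n < 0x80:
        return bytes([tag, n]) + content
    lb = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([tag, 0x80 | len(lb)]) + lb + content

def _der_int(n):
    """DER INTEGER for a non-negative int; adds a leading 0x00 when the top bit is set."""
    return _tlv(0x02, n.to_bytes(n.bit_length() // 8 + 1, "big"))

def _utctime(s):
    return _tlv(0x17, s.encode("ascii"))

# AlgorithmIdentifier for sha256WithRSAEncryption (OID 1.2.840.113549.1.1.11, NULL params)
SHA256_RSA = _tlv(0x30, bytes.fromhex("06092a864886f70d01010b") + b"\x05\x00")

def build_sample_crl(revoked, this_update="110819000000Z", next_update="110919000000Z"):
    """Build a CRL that revokes the given serials. The signature BIT STRING is a
    placeholder of zero bytes: this example parses CRLs, it does not sign or verify."""
    issuer = _tlv(0x30, _tlv(0x31, _tlv(0x30,
             bytes.fromhex("0603550403") + _tlv(0x0c, b"Example CA"))))  # CN=Example CA
    entries = b"".join(_tlv(0x30, _der_int(s) + _utctime(this_update)) for s in revoked)
    tbs = _tlv(0x30, _der_int(1) + SHA256_RSA + issuer + _utctime(this_update)
               + _utctime(next_update) + _tlv(0x30, entries))
    return _tlv(0x30, tbs + SHA256_RSA + _tlv(0x03, b"\x00" + b"\x00" * 32))

# --- minimal DER reader ------------------------------------------------------

def _read_tlv(buf, pos):
    """Decode the TLV starting at pos; return (tag, value, position after it)."""
    tag = buf[pos]
    length = buf[pos + 1]
    pos += 2
    if length & 0x80:
        nbytes = length & 0x7F
        if nbytes == 0 or nbytes > 4:
            raise ValueError("indefinite or oversized DER length")
        length = int.from_bytes(buf[pos:pos + nbytes], "big")
        pos += nbytes
    end = pos + length
    if end > len(buf):
        raise ValueError("DER length runs past end of buffer")
    return tag, buf[pos:end], end

def _children(value):
    """Split the content of a constructed value into its (tag, value) elements."""
    out, pos = [], 0
    while pos < len(value):
        tag, inner, pos = _read_tlv(value, pos)
        out.append((tag, inner))
    return out

def revoked_serials(crl_der):
    """Return the set of serial numbers listed in a DER-encoded CertificateList."""
    tag, cert_list, _ = _read_tlv(crl_der, 0)
    if tag != 0x30:
        raise ValueError("CRL must be a SEQUENCE")
    _, tbs = _children(cert_list)[0]          # tbsCertList comes first
    fields = _children(tbs)
    i = 0
    if fields[i][0] == 0x02:                  # optional version INTEGER
        i += 1
    i += 3                                    # signature AlgorithmIdentifier, issuer, thisUpdate
    if i < len(fields) and fields[i][0] in (0x17, 0x18):   # optional nextUpdate
        i += 1
    serials = set()
    if i < len(fields) and fields[i][0] == 0x30:           # optional revokedCertificates
        for _, entry in _children(fields[i][1]):
            stag, sval = _children(entry)[0]  # each entry starts with the serial
            if stag != 0x02:
                raise ValueError("revoked entry must start with an INTEGER serial")
            serials.add(int.from_bytes(sval, "big", signed=True))
    return serials

def unrevoked(suspect_serials, crl_der):
    """Suspect serials (e.g. from a CA's incident list) that the CRL does NOT revoke."""
    return sorted(set(suspect_serials) - revoked_serials(crl_der))

# Constructed data: the CA's incident list claims all five serials were revoked,
# but the CRL it publishes only carries the first three (hypothetical values).
INCIDENT_SERIALS = [0x1001, 0x1002, 0x1003, 0x2001, 0x2002]
SAMPLE_CRL = build_sample_crl([0x1001, 0x1002, 0x1003])

if __name__ == "__main__":
    print("on CRL:    ", sorted(hex(s) for s in revoked_serials(SAMPLE_CRL)))
    print("not on CRL:", [hex(s) for s in unrevoked(INCIDENT_SERIALS, SAMPLE_CRL)])
```

Against a real CRL, fetch the DER file from the CA's CRL distribution point and verify its signature with the CA certificate before trusting its contents; an attacker who can forge certificates can just as easily serve a stale CRL, and the function above only answers the narrower question of whether a serial appears on the list it was handed.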
According to a report on Dutch web site nu.nl, other prominent victims included blog hosting site WordPress, Yahoo, the Mozilla Firefox Add-on directory and Iranian blog portal Baladin. The attack does not appear to have been motivated by financial gain: the report states that no certificates were issued for financial institutions.
At least one certificate was fraudulently issued for Google.com and used to eavesdrop on Iranian Google users; indeed this is how the incident was first detected. Since version 13, Google Chrome has shipped a built-in list of the CAs that may legitimately issue certificates for Google domains (certificate pinning). If a certificate for one of those domains chains to a CA not on the list, as DigiNotar was not, Chrome displays a warning regardless of whether the CA is otherwise trusted by the system. The Google certificate was issued on 10 July and was, according to DigiNotar, "overlooked" when cleaning up the mess following the intrusion.
The total number of fraudulent certificates issued is a matter of speculation. One clue is a change in the Chrome source code, which blacklists the serial numbers of 247 DigiNotar certificates. It also remains unclear whether, following its slip-up with the Google certificate, all fraudulent certificates really have been revoked: the Internet Storm Center reports that the number of revoked DigiNotar certificates was significantly lower during July and August than in previous months. Google has been joined by Mozilla and Microsoft in distrusting the CA as a whole.