tehranbureau An independent source of news on Iran and the Iranian diaspora
nextback

'Patriotic Hacker' Takes Credit for Internet Security Threat in Iran

07 Sep 2011 01:50Comments
ImageResizer.jpg[ dispatch ] A hacker known as ComodoHacker has claimed credit for the recent hack on the Dutch certificate authority DigiNotar that left Google users in Iran vulnerable to espionage.

"Hi again! I strike back again, huh?" he wrote in a post on Pastebin, a site popular among programmers for sharing code. In the same post, ComodoHacker claims to have access to four more certificate authorities, offering the following convoluted explanation for the DigiNotar hack:

When Dutch government, exchanged 8000 Muslim for 30 Dutch soldiers and Animal Serbian soldiers killed 8000 Muslims in same day, Dutch government have to pay for it, nothing is changed, just 16 years has been passed. Dutch government's 13 million dollars which paid for DigiNotar will have to go DIRECTLY into trash, it's what I can do from KMs away! It's enough for Dutch government for now, to understand that 1 Muslim soldier worth 10000 Dutch government.

ComodoHacker made a name for himself earlier this year by offering strong evidence that he was behind a similarly high-profile attack on the certificate authority Comodo. In a manifesto-like Pastebin post dated March 26, he expressed myriad motives for hacking into sites that would give him access to the personal information of users in Iran. These included the stated desire to protect the Iranian government by threatening the online privacy of political activists in Iran.

Anyone inside Iran with problems, from fake green movement to all MKO members and two faced terrorist, should afraid of me personally. I won't let anyone inside Iran, harm people of Iran, harm my country's Nuclear Scientists, harm my Leader (which nobody can), harm my President, as I live, you won't be able to do so. as I live, you don't have privacy in internet, you don't have security in digital world, just wait and see...

ComodoHacker claims to be 21 years old, Iranian, a student, and to work on his own, none of which can be verified. Some speculate that he could be Turkish and have help.

Hackers claiming similarly patriotic justifications for their work are common in Russia and China. In 2003, the FBI issued a warning to Americans warning that hacking, even hacking enemies of the state, is a felony offense in the United States. Last year when WikiLeaks got hacked, experts also suspected a patriotic attack.

The Dutch government has initiated an investigation into the latest attack, which also compromised the security of Dutch government websites. Dutch authorities today announced that they are looking into possible negligence on the part of DigiNotar.

***

For more information, check out:

Tehran Bureau's previous post "Internet Security Attacks on Iran Google Users Went Undetected for 2 Months."

An email interview given by the hacker himself in March.

An overview of ComodoHacker's handiwork on the F-Secure Security Lab blog.

Copyright © 2011 Tehran Bureau

SHAREtwitterfacebookSTUMBLEUPONbalatarin reddit digg del.icio.us
blog comments powered by Disqus

In order to foster a civil and literate discussion that respects all participants, FRONTLINE has the following guidelines for commentary. By submitting comments here, you are consenting to these rules:

Readers' comments that include profanity, obscenity, personal attacks, harassment, or are defamatory, sexist, racist, violate a third party's right to privacy, or are otherwise inappropriate, will be removed. Entries that are unsigned or are "signed" by someone other than the actual author will be removed. We reserve the right to not post comments that are more than 400 words. We will take steps to block users who repeatedly violate our commenting rules, terms of use, or privacy policies. You are fully responsible for your comments.