Monday, May 16, 2022

TurkTrust Issues an Unauthorized Certificate For Google Domains

Google on Thursday mentioned late Christmas Eve, they discovered and blocked an unauthorized digital certificate that was produced for the “*” domain that had been published by an intermediate certificate authority (CA) which connected back to Turkish certificate authority, TURKTRUST.

Google updated Chrome’s certificate revocation metadata to block the intermediate CA, and said they’ve alerted TURKTRUST of the issue.

“TURKTRUST told us that based on our information, they discovered that in August 2011 they had mistakenly issued two intermediate CA certificates to organizations that should have instead received regular SSL certificates,” Adam Langley, a Software Engineer at Google published in a blog post on Thursday.

Microsoft has also issued a security advisory on the incident and took measures to protect clients, saying they’d update the Certificate Trust list (CTL) and allow an update for all certified releases of Microsoft Windows to remove the certificates in question.

“The fraudulent certificate could be used to spoof content, perform phishing attacks, or perform man-in-the-middle attacks against several Google web properties,” Microsoft’s advisory continued. “This issue affects all supported releases of Microsoft Windows.”

About FastFlux

Owner of ZeroSecurity, interested in programming, malware analysis and penetration testing. If you would like to write for the ZeroSecurity team, please use the contact form above.

Check Also

Amazon hacked – hacker leaks 80,000 login credentials

A hacker going by the name 0x2Taylor has said to have breached the servers of …