Skip to main content

Hackers acquire Google certificate, could hijack Gmail accounts

posted onAugust 30, 2011
by l33tdawg

Hackers have obtained a digital certificate good for any Google website from a Dutch certificate provider, a security researcher said today.

Criminals could use the certificate to conduct "man-in-the-middle" attacks targeting users of Gmail, Google's search engine or any other service operated by the Mountain View, Calif. company.

"This is a wildcard for any of the Google domains," said Roel Schouwenberg, senior malware researcher with Kaspersky Lab, in an email interview Monday. "[Attackers] could poison DNS, present their site with the fake cert and bingo, they have the user's credentials," said Andrew Storms, director of security operations at nCircle Security.

Source

Tags

Security Google

You May Also Like

Recent News

Friday, December 15th

Thursday, December 14th

Wednesday, December 13th

Tuesday, December 12th