GlobalSign halts security certificates after second hacking claim

Posted by Emma Woollacott

A second provider of security certificates says it may have been hit by hackers in a smilar attack to last month's DigiNotar breach.

A hacker calling himself Comodohacker has claimed on Pastebin that he's gained access to GlobalSign and three other unnamed certificate authorities. He says that another attack against StartCom was foiled by its CEO.

Comodohacker claims responsibility for the DigiNotar breach, which was used to compromise the security of sites including the CIA, MI6, Mossad, Facebook, Microsoft, Skype and Twitter.

While the attack has been widely linked to Iran, Comodohacker says that's got nothing to do with him.

"I'm single person, do not AGAIN try to make an ARMY out of me in Iran," he says. "If someone in Iran used certs I have generated, I'm not one who should explain."

Rather, he says, he's motivated by the fact that the Dutch government failed to intervene in Srebrenica during the infamous 1995 massacre. More than 8,000 Bosnian Muslims were killed by Serbian forces.

"Dutch government is paying what they did 16 years ago about Srebrenica" he says. "This is consequence of fighting with Islam and Muslims in your parliament."

GlobalSign has responded by temporarily ceasing the issuing of security certificates.

"GlobalSign takes this claim very seriously and is currently investigating," says the company.

"GlobalSign has officially announced the appointment of Fox-IT to assist with investigations into the claimed breach. Fox-IT is the Dutch cybersecurity experts hired to investigate the compromise of the Dutch CA DigiNotar and therefore already have a wealth of current knowledge and experience of the hacker."