Breach, Data Security, Incident Response, TDR

Google fights off attacks via fraudulent certs

On Tuesday, Google announced that it had stepped in to quell a threat impacting Windows users – fraudulent digital certificates in India linked to several Google domains.

Last Wednesday the tech giant became aware of the certs, which had been “misissued,” or deemed trusted, by a certificate authority in India, the National Informatics Center (NIC).

Google – which blocked the fraudulent certs in Chrome with a CRLSet push – alerted NIC, the Indian Controller of Certifying Authorities (India CCA) and Microsoft about the incident. In turn, the certs were also revoked by India CCA, a blog post by Google security engineer Adam Langley said.

Langley explained that the abused certs were included in the Microsoft Root Store and, therefore, “trusted by the vast majority of programs running Windows, including Internet Explorer and Chrome.” Firefox web browser users were not vulnerable, Langley said.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.