Comodo Says Two More Registration Authorities Compromised

Author: Dennis Fisher
minute read

Officials at Comodo have acknowledged that an additional two registration authorities affiliated with the company have been compromised in the wake of the high-profile attack on the company that was disclosed last week. However, no forged certificates were issued as a result of the new attacks.

Officials at Comodo have acknowledged that an additional two registration authorities affiliated with the company have been compromised in the wake of the high-profile attack on the company that was disclosed last week. However, no forged certificates were issued as a result of the new attacks.

In a message on a discussion thread set up after the original attack on a Comodo registration authority, Robin Alden, CTO of Comodo, said that the company has discovered two fresh compromises of its affiliated RAs during the investigation into the first attack. Alden did not furnish any other details about the new compromises.

“Two further RA accounts have since been compromised and had RA privileges withdrawn.  No further mis-issued certificates have resulted from those compromises,” Alden said in the message about the new RA compromises.

Addressing a list of concerns about Comodo’s practices raised by customers and browser vendors in the wake of the attack, Alden said that the company is now in the process of rolling out a new two-factor authentication system for its RAs. Comodo also is installing other security measures as a result of the attack.

“We are rolling out improved authentication for all RA accounts. We are implementing both IP address restriction and hardware based two-factor authentication.  The rollout of two-factor tokens is in progress but will take another couple of weeks to complete.  Until that process is complete Comodo will review 100% of all RA validation work before issuing any certificate,” Alden wrote.

The technical details of the attack on an RA affiliated with Comodo earlier this month are still unclear, although officials have said that the attacker went in through the account of one of its RAs and then was able to use the account to issue himself fraudulent certificates for a number of sites belonging to Google, Mozilla, Skype and Yahoo.

Someone claiming to be the attacker responsible for the Comodo compromise has posted several messages to Pastebin with the purported details of the attack. And on Monday the same person also posted the forged certificate for Mozilla that he issued himself, as well as the private key for the certificate. Alden said in the message on the Mozilla discussion thread that Comodo has determined that neither the company’s hardware security module (HSM) nor its private key material were compromised in the original or subsequent attacks.

After the initial attack on Comodo became public, Mozilla officials called on Comodo to stop issuing certificates to RAs directly from the root that the company maintains. Alden said that the company is in the process of moving to that model.

“We understand Mozilla’s request that we move to having a separate sub_CA certificate per RA.
Currently many of our end entity certificates are issued from RA-specific sub-CAs but some (like this incident) are not. As a short-term measure we will move towards issuing all certificates from sub-CAs.  Initially some of these will be Comodo-branded and there will not be a 1:1 match between RAs and sub-CAs, but we think this will give Mozilla the flexibility they seek in this regard.  In the slightly longer term we will move to a sub-CA per RA,” Alden said.

Suggested articles

Tokyo Olympics Postponed, But 5G Security Lessons Shine

Threatpost Senior Editor Tara Seals is joined by Russ Mohr, engineer and Apple evangelist at MobileIron along with Jerry Ray, COO at SecureAge, for a discussion about the now postponed Tokyo Games and its use of 5G and the myriad of security concerns Japan is preparing for.

1

Discussion

  • Anonymous on

    Pretty amazing they basically trusted RAs with access to their private key, even if through some API or other. Why do entities like mozilla and microsoft (who amazingly forces all their users to consent to their trustability decisions) even allow root certificates in their certificate stores without checking that the people with the matching private key have any clue what they're on about?

     

    This is yet another blow to PKI. You can't "live and learn" in this environment without risking massive compromises. Why are we still paying these people anything at all?

  • TekDawg on

    I for one certainly hope these engineers get their ducks in a row... I recently started using the FREE version of comodo on multiple systems at home and find it to be far better than other vendors that I have paid what amounts to ransom for the priveledge of having my systems slow down and still become infected by simply browsing over a web site.  I am considering purchasing the Comodo product to deploy in a large corporate environment and will be watching this development very closely.

  • Anonymous on

    TekDawg, I hope you are aware that with some up front effort you can easily create your own CA? Large corporate environments are a perfect place to deploy such a thing. The devil is in doing the administration and the rather steep learning curve for using the tools. But the tools are free and already there (openssl, nss) or easily obtainable (eg xca).

    Personally I wouldn't trust a CA that obviously doesn't know how to properly manage and mitigate risks that directly affect their core business. The cost of that going wrong easily surpasses the cost of running your own private, corporate CA.

  • Antimedia on

    Anonymous, if folks like Comodo, who specialize in this field, have trouble figuring out how to secure the CAs, what makes you think that a roll-your-own scenario would be any less subject to compromise?

    When we used Verisign for PKI, I was constantly amazed at the lack of sophistication in their authentication schemes.  It got better over time, but initially it was ridiculous.  Some parts still are.  That you think doing it yourself would be better shows a lack of understanding of the difficulties involved in even understanding PKI, much less implementing it correctly.

    I have about ten years experience in it, and I can assure you that getting it all working right and maintaining it is non-trivial.

  • EtherealMind on

    For five hundred bucks a year for a single domain certificate, I expected a lot more attention to detail. How much profit have they raked out of this business instead of spending on correct security practices and audits. 

    Given that a certificate costs nothing but the security process and small bung to the browser makers, it's inconceivable how they could screw up this bad. 

  • Anonymous on

    The whole PKI infrastructure is built on _trusted third party_. In a world where security would have any value Comodo would have to step down from PKI business related services for ever.

Subscribe to our newsletter, Threatpost Today!

Get the latest breaking news delivered daily to your inbox.

Subscribe now

Topics

Show all

Authors

Threatpost

InfoSec Insider

Infosec Insider Post

Infosec Insider content is written by a trusted community of Threatpost cybersecurity subject matter experts. Each contribution has a goal of bringing a unique voice to important cybersecurity topics. Content strives to be of the highest quality, objective and non-commercial.

Sponsored

Sponsored Content

Sponsored Content is paid for by an advertiser. Sponsored content is written and edited by members of our sponsor community. This content creates an opportunity for a sponsor to provide insight and commentary from their point-of-view directly to the Threatpost audience. The Threatpost editorial team does not participate in the writing or editing of Sponsored Content.