Hackers acquire Google certificate, could hijack Gmail accounts
Hackers have obtained a digital certificate good for any Google website from a Dutch certificate provider, a security researcher said today.
Criminals could use the certificate to conduct “man-in-the-middle” attacks targeting users of Gmail, Google’s search engine or any other service operated by the Mountain View, Calif. company.
“This is a wildcard for any of the Google domains,” said Roel Schouwenberg, senior malware researcher with Kaspersky Lab, in an email interview Monday.
“[Attackers] could poison DNS, present their site with the fake cert and bingo, they have the user’s credentials,” said Andrew Storms, director of security operations at nCircle Security.
Man-in-the-middle attacks could also be launched via spam messages with links leading to a site posing as, say, the real Gmail. If recipients surfed to that link, their account login username and password could be hijacked.