SecurityTube

Turkish Registrar Enabled Phishers to Spoof Google

JB

Google and Microsoft today began warning users about active phishing attacks against Google’s online properties. The two companies said the attacks resulted from a fraudulent digital certificate that was mistakenly issued by a domain registrar run by a Turkish domain registrar.

In a blog post published today, Google said that on Dec. 24, 2012, its Chrome Web browser detected and blocked an unauthorized digital certificate for the “*.google.com” domain.

“We investigated immediately and found the certificate was issued by an intermediate certificate authority (CA) linking back to TURKTRUST, a Turkish certificate authority,” wrote Adam Langley, a Google software engineer. “Intermediate CA certificates carry the full authority of the CA, so anyone who has one can use it to create a certificate for any website they wish to impersonate.”