03/28/2011

Mozilla Firefox Takes Steps to Block Fraudulent SSL Security Certificates

Mozilla reported on March 22, that they were informed about the issuance of several fraudulent SSL certificates intended for public websites.

These were removed by the issuers which should protect most users. Mozilla has patched their Firefox versions 3.5, 3.6, and 4.0 to recognize and block these certificates, even though it is not a Firefox specific issue.

The effect to users would be that if on a compromised network, they could be directed to sites using the fraudulent certificates and mistake them for legitimate sites. This in turn, could be used to deceive users into revealing personal information like usernames and passwords or downloading malware if thought to be coming from a trusted site.

Although current versions of Firefox are protected from this attack, Mozilla is still evaluating further actions to mitigate this issue.

The Comodo Group, Inc. (the certificate authority) first reported the issue.

A follow up by Mozilla indicated that on March 15 an RA partner of Comodo Group, Inc.--which is a Certificate Authority--suffered an internal security breach, where the attacker used the RA's account with Comodo to get 9 fraudulent certificates to be issued.

The domain names of the certificates were identified as:

  • addons.mozilla.org
  • login.live.com
  • mail.google.com
  • www.google.com
  • login.yahoo.com (x3)
  • login.skype.com
  • global trustee

The attack was discovered immediately by an internal Comodo check, and the certificates were revoked and the RA account suspended.

To date, Comodo reports the only OCSP activity noted relating to these certificates has been two hits, one from the attacker's IP and another from very close by. Additionally, hits incurred from testing by Comodo and the notified companies. This hints that they have not been deployed in an attack, but it is possible the attackers would block OCSP requests as well.

Comodo has identified the IP address as an ADSL connection and originating from Iran. From the OCSP traffic mentioned, Mozilla thinks the attacker is aware the certificates have been revoked.

Mozilla does not believe there has been a root key compromise. However, an attacker armed with fraudulent certificates and an ability to control their victim's network could easily impersonate sites in a very inconspicuous way.

Risk mitigation actions implemented:

  1. Revocation of the certificates
  2. A hard coded blacklist of the certificate serial numbers in Firefox deployed as RC2 of Firefox 4 with two additional code patch releases, released on March 22.
  3. Mozilla released an announcement with some details of the problem.

Mozilla released the patch prior to publishing any announcements out of concern the attackers would be tipped off to blocking the updates.

Mozilla's security blog reported:

Mozilla recognizes that the obvious mitigation advice we might offer (to change Firefox’s security preferences to require a valid OCSP response in all cases, or to remove trust from Comodo’s certificates, or both) risked causing a significant portion of the legitimate web to break as well.

Additionally, neither we nor Comodo have found any evidence of access to their OCSP responder being blocked, either in Iran or anywhere else. We have also found no evidence of any other sort of attack.

In hindsight, while it was made in good faith, this was the wrong decision. We should have informed web users more quickly about the threat and the potential mitigations as well as their side-effects.

Mozilla has requested that Comodo do the following:

  1. Publish a full account of exactly what happened. (So far: they have published an incident report and a blog post.)
  2. Monitor their OCSP logs for evidence of use of these certificates, or evidence that access to their OCSP responders is being blocked from any geographical locations. (So far: no sign of use or blocking.)
  3. Cancel all relationship with the RA concerned. (So far: the RA is suspended.)
  4. Change their practices to use intermediate certs rather than issuing directly off the root, and use a different one for each RA.

With Internet attackers always on the move, consumers of the Internet should always ensure their PCs are getting the latest updates, including updating Firefox, to protect against security intrusions and malware. Aside from that having solid, trusted, Internet security software can also give peace of mind in holding off these threats.