Netherlands Investigating Internet Hackers Who Spied on Iranian Web Users

Posted September 6th, 2011 at 10:11 am (UTC-5)
Leave a comment

The Netherlands has begun investigating the hacking of a Dutch Internet company whose security certificates were stolen and used to spy on hundreds of thousands of Iranian web users.

Dutch Home Affairs Minister Piet Hein Donner said late Monday the investigation will try to determine who stole the certificates from DigiNotar, and whether the Dutch company should be held responsible for the security breakdown.

The Dutch government issued a report earlier Monday saying hackers tampered with 531 DigiNotar certificates that are supposed to guarantee secure communications between websites and their users.

The report authored by Dutch company Fox-IT says the affected websites include those of Internet giants Google, Facebook, Twitter and Skype. It says the hackers also tampered with the security certificates used by spy agencies of several nations, including the Central Intelligence Agency of the United States, Israel's Mossad and Britain's MI6.

Tampering with “SSL” security certificates allows hackers to secretly monitor communications between websites and their users. Fraudulent certificates also can enable hackers to trick a user into visiting a fake version of a website.

The Dutch report says the hackers used a stolen certificate for to spy on 300,000 visitors to the website last month. It says 99 percent of those users were in Iran, a figure that led the authors to conclude that the hackers' objective was to intercept private communications in the country.

The report says the hackers left behind a Persian-language message that reads “Janam Fadaye Rabhar,” or “I will sacrifice my soul for my leader.”

Some Internet experts say they believe the hackers were cooperating with the Iranian government to spy on Iranian reformists who have used social media in the past to organize anti-government protests. But the Dutch government has not confirmed Iranian government involvement in the hacking. Iran has not responded to the Dutch report.

DigiNotar is a subsidiary of U.S.-listed IT company Vasco, Inc.