Google Announces Attack

  • Internet Fraud, Security

Yesterday, Google announced that there was an attempted SSL man-in-the-middle attack against its users. The majority of affected users were in Iran, so it was contained to a geographic area. However, someone tried to get between the users and encrypted Google services by using a fraudulent SSL certificate issued by DigiNotar.

DigiNotar did not have permission to issue certificates for Google, and has since stopped doing so.

Google also reports that Google Chrome users were protected from the attack by being able to detect the fraudulent certificate. Mozilla and Microsoft also took quick action to protect users with fraud prevention systems.

Google suggests keeping your operating systems and web browsers up to date and pay special attention to any and all warnings.