Google advises Iran users to change passwords

Sep 09, 2011
Google has advised users of its online services in Iran to change their passwords following the theft of Internet security certificates from a Dutch company.

Google has advised users of its online services in Iran to change their passwords following the theft of Internet security certificates from a Dutch company.

"We learned last week that the compromise of a Dutch company involved with verifying the authenticity of websites could have put the of many Iranians at risk, including their Gmail," vice president of security engineering Eric Grosse said.

"While users of the Chrome browser were protected from this threat, we advise all users in Iran to take concrete steps to secure their accounts," Grosse said in a blog post late Thursday.

Iranians were advised to change their passwords, pay attention to warnings that pop up in and to block unfamiliar websites and applications that are allowed to access an account.

They were also told to check Gmail settings for suspicious forwarding addresses.

The Dutch has opened an investigation to determine who falsified 531 Internet security certificates in order to snoop on users in Iran, the Dutch Interior Ministry said Tuesday.

The falsified certificates, known as SSL certificates, belonged to Dutch company DigiNotar.

are used to verify to visitors that a particular website is authentic and are issued by DigiNotar and other firms known as Certification Authorities.

Internet users whose browsers are fooled by a false certificate could unwittingly reveal their activity to another party in what is known as a "man-in-the-middle attack."

Google said last week that it had "received reports of attempted SSL man-in-the-middle attacks against Google users, whereby someone tried to get between them and encrypted Google services.

"The people affected were primarily located in Iran," said Heather Adkins, an information security manager at Google.

Explore further: Supreme Court allows challenge to Colorado Internet tax law

add to favorites email to friend print save as pdf

Related Stories

Dutch launch Iran IT hacking probe

Sep 06, 2011

The Dutch secret service has opened an investigation to determine who falsified 531 Internet security certificates in order to snoop on users in Iran, the Dutch Interior Ministry said Tuesday.

Experts suspect Iran involvement in Dutch hacking

Sep 05, 2011

(AP) -- Hackers who broke into a Dutch web security firm have issued hundreds of bogus security certificates for spy agency websites including the CIA as well as for Internet giants like Google, Microsoft and Twitter, the ...

Second firm warns of concern after Dutch hack

Sep 07, 2011

A company that sells certificates guaranteeing the security of websites, GlobalSign, said Tuesday it is temporarily halting the issuance of new certificates over concerns it may have been targeted by hackers.

Recommended for you

Facebook help a matter of timing

2 hours ago

Getting a response to a request for assistance on social media may have more to do with your request's timing than how many followers you have, research suggests.

Supreme Court allows challenge to Colorado Internet tax law

21 hours ago

A unanimous Supreme Court ruled Tuesday that federal courts can hear a dispute over Colorado's Internet tax law. One justice suggested it was time to reconsider the ban on state collection of sales taxes from companies outside ...

Clinton ran own computer system for her official emails

Mar 03, 2015

The computer server that transmitted and received Hillary Rodham Clinton's emails—on a private account she used exclusively for official business when she was secretary of state—traced back to an Internet ...

Twitter working with probe on online threats

Mar 02, 2015

Twitter said Monday it was working with law enforcement officials on unspecified threats, amid reports that the social network had been targeted for blocking accounts linked to the Islamic State.

User comments : 0

Please sign in to add a comment. Registration is free, and takes less than a minute. Read more

Click here to reset your password.
Sign in to get notified via email when new comments are made.