Another Comodo partner attacked using SQL injection

According to the Heisse Online newswire, ComodoBR, the Brazilian partner of Comodo, is the latest of the certificate firm's partners to suffer an attack this year.

Unconfirmed reports suggest that the data files from attack were posted on the Pastebin file-sharing site on May 21 and 22, although Melih Abdulhayoglu, Comodo's CEO, is quoted by The Register as saying the firm's systems were not compromised.

He also said that no certificates were issued as a result of the breach and that the Brazilian reseller had no access to Comodo databases.

Heisse Online, meanwhile, says that, during the Brazilian attack "parts of the company's database, including customer data and submitted certificate requests, were accessed via SQL injection."

While the certificate requests do not contain any information an attacker could misuse, the German news wire notes that the incident does present a serious security problem since the database records also contained the access credentials of ComodoBR employees.

"However, it remains unclear whether unauthorized third parties could have used this information to issue their own certificates", the news wire notes.

As reported previously by Infosecurity, in late March of this year, Comodo reported that two of its Registration Authorities (RAs) had been hacked.

Those hacks appear to have been separate from the so-called Iranian lone hacker incident earlier in March when at least five accounts were compromised.

In that first incident, a hacker calling himself 'ComodoHacker' – portraying himself as a patriot – claimed credit for the hack of a range of major site certificates from Comodo.

What’s Hot on Infosecurity Magazine?