After a certificate verification authority in the Netherlands was compromised, Iranian Google users became vulnerable to phishing, spying, and other cyber-attacks. Google is urging users to re-secure their Gmail accounts immediately.
The Fall of DigiNotar
DigiNotar, a Dutch root certificate authority, was compromised last week. This made users vulnerable to man-in-the-middle attacks that could intercept usernames, passwords, and other personal data.
While 531 certificates were affected – including those belonging to Google, Yahoo, Microsoft, AOL, Facebook, and Twitter – the vulnerabilities only crop up for users in specific regions.
The most vulnerable region in this attack is Iran. In the aftermath of DigiNotar being compromised, Google has issued a warning to Iranian users. While Google notes that the Chrome users should be protected, the company nevertheless urges users to re-secure their account.
Steps for Iranian Users
Google advises any users in Iran to change their password, re-verify their password recovery data, check third-party permissions for account access and revoke those permissions as necessary, check Gmail for new filters, and pay close attention to any and all Google warnings.
While Google states that all users should go through this process, they have also identified a large group of users who were likely impacted. Those users will receive a prompt upon next logging in. That prompt will ask them to change their password and otherwise secure their account. According to Reuters, approximately 300,000 individuals were affected.
No statements have yet been released by other companies who were impacted by the vulnerabilities. This may indicate that the attacks focused on Google. However, Iranian users should be proactive in re-securing their account for all domains that became vulnerable.