Certification Authority Comodo announced that it had unknowingly issued bogus SSL certificates for a number of web sites, including sites owned by Microsoft, Google, Yahoo, Skype and Mozilla. The company said it was the target of a well-organized hacker attack that apparently originated in Iran. They immediately revoked the bad certificates and let the site owners, government officials and web browser vendors know about the incident.
Fraudulent certificates could be used to set up servers that would masquerade as those of the companies that own the legitimate sites, which could then be used to collect personal information and eavesdrop on chat sessions and email messages, or possibly to install malware on users’ computers. For more information, read the full article here: