US cyber security firm Comodo caught unawares as hacker accessed and kept its files in public repository

Venustus

Level 59
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Dec 30, 2012
4,809
An anonymous hacker got access to internal files of US-based cybersecurity company Comodo, headquartered in Clifton, New Jersey. By using an email address and password mistakenly exposed on the Internet, the attacker gained access and raised questions on the credibility of the cybersecurity company.

As reported by TechCrunch the credentials were found in a public GitHub repository owned by a Comodo software developer.

Notably, the account was not protected with two-factor authentication and with the email address and password in hand, it became vulnerable to cyber attacks as the hacker could get easy entry into the company's Microsoft-hosted Cloud services.

It was the Netherlands-based security researcher Jelle Ursem, who first discovered the leaked credentials on the internet and then reached out to Comodo's Vice-President Rajaswi Das.

The researcher, Ursem also revealed that the account allowed him to access internal files of the cybersecurity company that includes sales documents and spreadsheets in the company's OneDrive and Comodo's organisation graph on SharePoint.

He also mentioned that he was also could see the team's biographies, contact information, such as phone numbers and email addresses, personal details, including photos, customer documents and calendar. It also showed screenshots of folders which includes agreements as well as contracts with several customers and their names in each filename, such as hospitals and US state governments.

Ursem said, "Seeing as they're a security company and give out Secure Sockets Layer (SSL) certificates, you'd think the security of their own environment would come above all else."

Earlier this year, Ursem also found a similarly exposed set of internal Asus passwords on an employee's GitHub public account. In this case, made public in May, it was revealed that a group of cybercriminals have targeted the open-source software development platform, GitHub and almost 100 of the developers have had the Git source code repositories wiped out and replaced with a ransom demand.
 

Tim Callan

New Member
Jul 29, 2019
2
Please be aware that Comodo does not issue SSL certificates and has not since 2017. That business is now entirely operated by Sectigo, and the two companies are completely independent of each other. Sectigo is unaffected by this reported security flaw.

Any report you see to the contrary is false. The original TechCrunch article has been updated to correct their error.
 
Last edited:
4

436880927

Please be aware that Comodo does not issue SSL certificates and has not since 2017. That business is now entirely operated by Sectigo, and the two companies are completely independent of each other. Sectigo is compeletely unaffected by this reported security flaw.

Any report to the contrary by TechCrunch, security researchers, or other sources is false.
What's this then?


Not only do Comodo still own a working sub-domain for SSL certificates, the offered SSL certificates are branded as Comodo on the page. The page says it is "powered by Sectigo".

I can see that Sectigo is "formerly" Comodo CA but why is that sub-domain still active for the Comodo website if they truly are "independent of each other" now? Comodo's sub-domain for SSL certificates shouldn't exist if they have nothing to do with it anymore, in my opinion.

Sectigo, as an "independent" company, should be able to market their SSL certificates without using the Comodo brand... and without needing a promotion from Comodo... but hey, whatever.
 

Tim Callan

New Member
Jul 29, 2019
2
What's this then?


Not only do Comodo still own a working sub-domain for SSL certificates, the offered SSL certificates are branded as Comodo on the page. The page says it is "powered by Sectigo".

I can see that Sectigo is "formerly" Comodo CA but why is that sub-domain still active for the Comodo website if they truly are "independent of each other" now? Comodo's sub-domain for SSL certificates shouldn't exist if they have nothing to do with it anymore, in my opinion.

Sectigo, as an "independent" company, should be able to market their SSL certificates without using the Comodo brand... and without needing a promotion from Comodo... but hey, whatever.
Since Comodo still receives a great deal of traffic and has a great number of inlinks, those customers are better served if there is an easy way to connect with Sectigo. Things like brand recognition and SEO are slow to change. We will be happy when every certificate user knows the name Sectigo, and how we will get there is by promoting the transition from one brand to the other.
 
4

436880927

Since Comodo still receives a great deal of traffic and has a great number of inlinks, those customers are better served if there is an easy way to connect with Sectigo. Things like brand recognition and SEO are slow to change. We will be happy when every certificate user knows the name Sectigo, and how we will get there is by promoting the transition from one brand to the other.
You want everyone to think that Comodo have finished selling SSL certificates and that Sectigo are "independent" yet the product is still using the Comodo brand name and is being promoted on an exclusive Comodo sub-domain even though Comodo have had years of history as being a SSL provider.

I have absolutely no idea why there are many sources out there who believe Comodo are still selling SSL certificates... hmmmm how suspicious I wonder why... :unsure:

See, we can come up with loads of reasons as to why Sectigo should remain using the Comodo services/brand... but it doesn't change the fact that Sectigo is dependent on Comodo, evidently.
 
Last edited by a moderator:

upnorth

Level 68
Verified
Top Poster
Malware Hunter
Well-known
Jul 27, 2015
5,458
Change a brand is a very standard procedure and is done many times when the crap hits the fan. Too many examples in my country alone. Doesn't always help to avoid negative public information or make people forget, but I fully understand Comodo, now Sectigo. Good luck! (y)

Please be aware that Comodo does not issue SSL certificates and has not since 2017.
Are you 100% sure?


Posted and shared 5 jan. 2019.


Posted and shared 31 may 2018.

 
Last edited:
F

ForgottenSeer 58943

ANY trust in Comodo has always been misplaced, I think many people realized that long ago. There are much better solutions to anything they offer and I have never believed they have earned ANYONE'S trust and this sort of proves that once again. If people listened to Kevin's blogs and postings about shady Comodo back during the Boclean fiasco they would have always stayed far away from them.
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top