Some of the keys that were used to generate Green Pass certificates in Europe may have been stolen by cyber criminals. Giampaolo Dedola, security expert in the Global Research and Analysis Team (GReAT) at Kaspersky, comments.
“We have discovered news online that offer the creation of valid COVID-19 vaccination certificates - so-called Green Passes. These vaccination cards are currently often required for access to flights, restaurants or museums in Europe. As proof that the codes work, the actor created a screenshot with a valid QR code in the name of Adolf Hitler.
Test QR codes with stolen keys work
The further analysis of two QR code examples also shows that the keys used to sign the certificates relate to organizations based in France and Poland. In addition, these codes are considered valid when tested through official apps. This is worrying as it makes it impossible to distinguish between legitimate green passes and those generated by the leaked keys.
This case reminds us of how vulnerable the infrastructure for generating COVID-19 certificates is at the moment. While it is possible to revoke certificate keys, it has far-reaching consequences for society and security. It is therefore important to improve monitoring and security measures in order to protect all infrastructure devices from external cyber attacks and to prevent and detect misuse. "
More at Kaspersky.com
About Kaspersky Kaspersky is an international cybersecurity company founded in 1997. Kaspersky's in-depth threat intelligence and security expertise serve as the basis for innovative security solutions and services to protect companies, critical infrastructures, governments and private users worldwide. The company's comprehensive security portfolio includes leading endpoint protection as well as a range of specialized security solutions and services to defend against complex and evolving cyber threats. Kaspersky technologies protect over 400 million users and 250.000 corporate customers. More information about Kaspersky can be found at www.kaspersky.com/