

Hacker in Iran obtains web certs that'd enable spoofing of Yahoo, Google, etc. - mcantelon
http://www.wired.com/threatlevel/2011/03/comodo-compromise/

======
phlux
How do we know this is not a hacker in israel spoofing hacks from Iran?

~~~
ithkuil
Yes, I always wondered why most time the hackers able to perform tricks which
would create potentially mass profit, come from those strange places.

I suspect that it has to do with traceability. Imagine you are able to create
a certificate for amazon.com and spoof the dns in order to get traffic from
some percentage of users in order to steal their credentials, credit card
whatever. If you host that service in the US or EU or whatever, your ISP will
be promptly contacted and they will cooperate.

On the other hand if you tunnel the traffic through non cooperating countries,
it will be more difficult, if not impossible, for law enforcement to track
you.

