I'm currently visiting China, and I use a well known VPN service for both my laptop and my phone.
Every now and then, I get certificate errors when using my phone when I'm connected to a VPN, but this never happens on my laptop.
Currently I'm trying to access m.facebook.com and I get a warning that the certificate is mismatching. I have one here now that says that the certificate presented belongs to someone with a "common name" that is a ip address that goes to a hosting provider in Germany. I get this both while being connected to a Hong Kong and a Taiwan VPN server.
Is it reasonable to assume that this is an attack, or could this kind of issues have natural causes? If this is an attack, what kind of attack vectors could fit into this description?
Update
Well, when you speak of the devil... I just experienced this issue from my laptop as well. And the mismatching certificates seem vary in a arbitrary way, the latest are issued by 144.76.99.230, *.sslserve.jp, RapidSSL SHA256 CA - G3, webmail.elclubexpress.com. The local malware theory seems to weaken?
I have another VPN provider as well for backup (these things are unstable in China), and I have not experienced these issues on that provider.
Aucun commentaire:
Enregistrer un commentaire