Fake vaccination records first appeared in Italy. They make the rounds on the Darknet. How could that happen?
The forged digital vaccination certificates that are currently circulating on the Internet with valid signatures could, according to experts, be due to security gaps in medical practices or pharmacies.
It is possible that unauthorized persons there managed to get the private keys for the Fido encryption system, said Thomas Uhlemann from the security company Eset on Thursday.
According to the security expert, forged vaccination certificates with technically valid signatures are offered on the Darknet for around 300 euros. This allows people who have not been vaccinated against Covid-19 to show a seemingly valid vaccination certificate on their smartphone. “The signatures of these keys are recognized as valid,” said Uhlemann. “You can use it to issue any certificate for the respective country.”
The fake certificates first appeared in Italy. There, vaccination certificates are at the center of a heated political debate. The “Green Pass” – a corona passport with printable or digital proof of a corona vaccination – has been necessary since mid-October according to a decision by the government of Prime Minister Mario Draghi in order to be able to go to work. The fake vaccination pass that has now emerged was not only shown as valid by the system of the Italian “Green Pass”, but also by the official German app “CovPass Check”.
In Italy the validity of the keys was withdrawn on Wednesday. Current checks in Germany, however, also showed full validity on Thursday afternoon. “That can have devastating consequences, especially when things have to be done quickly,” warned Uhlemann. When checking in public places, such as at the airport or the admission control of clubs, in practice “the identity card is rarely or never required from the person showing it”. Instead, it relies on the scanning device to display “Certificate valid”.
Uhlemann pointed out that, especially in the area of resident doctors, “IT systems are often still being used completely out of date”. “These networks are particularly attractive for hackers because they always try to attack the weakest link.”
David William is a talented author who has made a name for himself in the world of writing. He is a professional author who writes on a wide range of topics, from general interest to opinion news. David is currently working as a writer at 24 hours worlds where he brings his unique perspective and in-depth research to his articles, making them both informative and engaging.
