No theft of codes for the creation of green passes took place in Italy. But the hypothesis that they were put up for sale in the dark web circuits and in Telegram chats and bought by Italian criminal organizations is concrete. So much so that the Cnaipic (National Cybercrime Center for the Protection of Critical Infrastructures), an articulation of the postal police, has launched large-scale investigations.
French and Polish codes
According to investigative sources, the access codes were stolen by Polish and French bodies, therefore perfectly recognizable by the “VerificationC19” app to check the validity of the green certificate. The theft, as mentioned, did not concern Italy, so much so that there are no cyber attacks on Sogei, the information technology company of the Ministry of Economy which provides the codes for Italy to generate the certificates. At the moment, however, it is reiterated that the stolen keys have been canceled. As a result, all green passes generated with those codes have been invalidated.
Business in Italy
What we now want to understand is whether these codes have also been purchased by Italian organizations. In these hours, Cnaipic is scanning the dark web, including a series of Telegram chats where these codes may have been offered for sale. A mind-boggling business, currently being quantified, which may have generated bogus but recognizable passes.
The green pass in the name of Adolf Hitler
A fake green pass in the name of Adolf Hitler has been circulating on the web since last night. The QR code of the green certificate, published by a user on twitter, is fully functional and is in fact also read by the official verification apps for the green pass, including the Italian one C19. According to what we read on the blog of a cybersecurity expert, www.zerozone.it, the certificate was published by the user “Reversebrain” who, on the social network, published a Qrcode inviting to verify it with the Verification C19 app. According to what we read on the blog, “verifying the data relating to the issuer of the certificate, it appears to have been issued by the French Cnam (Caisse Nationale d’Assurance Maladie)” on 25 October last. Another fake pass ”indicates“ the company Janssen-Cilag International as the manufacturer of the vaccine administered, in Poland, by the Centrum e-Zdrowia ”. Everything seems to originate, we read in the blog, “from a thread on RaidForums, a market on the web now known to be a point of exchange and publication of data leaks and other material that is not always lawful, where, however, there are those who suspect the possibility that even the private key of the Polish government may have been stolen ”.