A person claiming to be the sole perpetrator of the Comodo attack posted a handful of times online this week. Comodo acknowledged that an attacker coming from Iranian servers, which the company believed to be state-funded, had breached a partner and successfully used the access to request nine high-value certificates. Two security researchers confirmed that the private key released by the person in a subsequent post matched that of one of the fraudulently obtained certificates for Mozilla’s add-on site, proving that some of the hacker’s claims were accurate.”]
Source: https://www.csoonline.com/article/2127952/comodo-compromise-expands–hacker-talks.html