Adolf Hitler, SpongeBob SquarePants and Mickey Mouse have obviously received their dose of the Covid-19 vaccine. Indeed, for a few days, European health certificates in their name have been circulating on the net. How to explain that? Several theories are opposed at the present time.
For several days now, validated European health certificates from Adolf Hitler, Mickey Mouse or even SpongeBob SquarePants have been circulating on the net. More than a bad joke, it could be a serious security breach that could threaten “the architectural trust chain ” du Green Pass, the Covid certificate solution valid within the European Union.
These QR Codes are distributed in particular on GitHub or on certain closed groups on Telegram messaging. According to our colleagues at BFMTV, they are recognized as compliant when they are scanned on the TousAntiCovidVerif application. Same story with the Belgian CovidScan app or the official app of the Swiss Confederation Covid Certificate Check.
For the moment, the light has not yet shed on this matter. According to Denys Vitali, engineer for Swisscom, it is very unlikely that this is a private key leak. For him, the most plausible hypothesis is the following: an individual would have broken the chain of trust between a European government and the medical profession which is the only one authorized to issue valid certificates. In other words, malware may have been installed on computers owned by doctors, so as to be able to generate passes at will as if they were issued by health professionals.
A platform to generate QR codes left open to the public
However, our colleagues at BFM TV have a completely different version. According to their information, the author of this hack is currently selling these name QR codes on a hacker forum on the Dark Web. Other falsified certificates are currently circulating in Europe, some of which would be issued from North Macedonia. A fault in the official servers of the country would be the cause. More precisely, a web page dedicated to the creation of these QR codes was accessible to all for a few hours.
It was thus possible for anyone to create valid health passes with any name, any vaccine or even any number of doses between 1 to 9 and from any country of the EU. It should be noted that these European health certificates are generated in the same way in all EU member countries. In other words, if a country’s electronic signature process is compromised, all the fraudulently generated QR codes will be valid everywhere in Europe.
“The problem is that the health authority has left a publicly accessible server, which signs everything asked of it without checking anything. This is quite similar to fake QR codes that would have been generated by hacking into the account of a pharmacist or doctor, except that this is at the level of the QR code generation service rather than at the level of a health professional ”, details Gaëtan Leurent, IT security researcher for INRIA.
According to cybersecurity experts who had access to this platform hosted in North Macedonia, it is now closed to the public. In addition, the QR codes generated in the name of Adolf Hitler, Mickey Mouse or even SpongeBob SquarePants have been reported as fraudulent on the various European verification applications.
Source : BFM TV