Cloudflare DNS hijacked?

im glad Cloudflare sent me an email saying someone issued a cert for my domain (i didn;'t) i have the free tier Cloudflare and DNS has been hijacked (your DNS) and someone issued a wildcard cert in my name.
these records do NOT show up on my Cloudflare console. and I did not add them
(you won’t let me post them here)

Hello there,

It looks that your account is handled by others. First, please take a step to change the Cloudflare account password.

This can be revoked from your dashboard. Please check under SSL tab.

So, looks like Cloudflare did it, but the email they sent to me indicated that I could contact let’s encrypt if I didn’t issue the cert.

Maybe the email should have said ‘

Congratulations on being a CF customer, we just issued you a new cert to keep you save’

Not ‘hey, its Sunday afternoon, let’s scare the ■■■■ out of you with an email warning you of an unknown person getting a cert issued’

1 Like

I hope you got that fixed now :grinning:

SEEMS that:

  • CF ‘accidentally’ issued a let’s encrypt cert.
  • They fixed is a couple hours later by issuing a google cert
  • They exacerbated the issue by sending an email highlighting the let’s encrypt cert and saying that they only issue google certs and I should be worried.
  • Didn’t need that on a Sunday afternoon
  • They should review their processes to make sure it doesn’t happen again (including their interception of CAA records!!!)
  • I (finally) implemented DNSSEC, been meaning to for a while, had nothing to do with above.

Security reasons, more than likely…

Also, if your problem is not resolved, I would advise viewing this article

So, it’s related to the re-issuing the Cloudflare’s Universal SSL / Backup SSL as it seems to me :thinking:

2 Likes

Yep, but their message should be a little clearer.

(message says they use google, they originally issued a let’s encrypt, then replaced it hours later with google) so, they had a process AND communications failure.

When dealing with security issues, they should be a little careful.

1 Like

From the consumer perspective, you are correct. However, the concepts & terminologies here includes quite technical. So, it requires some time to understand for an ordinary user. We can put it like that!

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.