Google has advised users of its online services in Iran to change their passwords following the theft of Internet security certificates from a Dutch company.

"We learned last week that the compromise of a Dutch company involved with verifying the authenticity of websites could have put the Internet communications of many Iranians at risk, including their Gmail," Google vice president of security engineering Eric Grosse said.

"While users of the Chrome browser were protected from this threat, we advise all users in Iran to take concrete steps to secure their accounts," Grosse said in a blog post late Thursday.

Iranians were advised to change their passwords, pay attention to warnings that pop up in Web browsers and to block unfamiliar websites and applications that are allowed to access an account.

They were also told to check Gmail settings for suspicious forwarding addresses.

The Dutch secret service has opened an investigation to determine who falsified 531 Internet security certificates in order to snoop on users in Iran, the Dutch Interior Ministry said Tuesday.

The falsified certificates, known as SSL certificates, belonged to Dutch company DigiNotar.

SSL certificates are used to verify to visitors that a particular website is authentic and are issued by DigiNotar and other firms known as Certification Authorities.

Internet users whose browsers are fooled by a false certificate could unwittingly reveal their activity to another party in what is known as a "man-in-the-middle attack."

Google said last week that it had "received reports of attempted SSL man-in-the-middle attacks against Google users, whereby someone tried to get between them and encrypted Google services.

"The people affected were primarily located in Iran," said Heather Adkins, an information security manager at Google.

Dutch probing Iranian hacker's claims
The Hague (AFP) Sept 9, 2011 - The Dutch government is investigating claims by a suspected Iranian hacker that he falsified Internet security certificates at a Dutch company, a government spokesman said Friday.

"We are investigating all leads including the lead of today," Dutch Safety and Justice Ministry spokesman Edmond Messchaert told AFP, referring to an interview published on Dutch public broadcaster NOS's website.

In the interview, a hacker claiming to be a 21-year-old Iranian student identified only by the name "Sun Ich", said he was responsible for the breach at DigiNotar, through which some 531 Internet security certificates were falsified in July.

The false Internet security certificates, also known as SSLs, were then used in an apparent attempt to snoop on Google users in Iran.

"I carried out the hack completely on my own, from start to end," Sun Ich was quoted as saying. "When I got the certificates I brought certain people in Iran up to speed. It looks like they then used the information."

The Dutch secret service this week opened an investigation to determine who falsified the SSLs, the Dutch government said Tuesday.

The probe was launched a day after Internet security specialist company Fox-IT said hackers had falsified hundreds of Internet security certificates through DigiNotar.

The hacker told journalists he was a supporter of President Mahmoud Ahmadinejad's government and decided to target the Netherlands to punish it for the "fall of Srebrenica" and anti-Islam statements by Dutch far-right politician Geert Wilders.

A contingent of Dutch soldiers serving with the United Nations were charged with protecting civilians in the "safe" enclave of Srebrenica, eastern Bosnia, in 1995, but were humiliatingly overrun by Bosnian Serb forces under Ratko Mladic.

The following day, thousands of Bosnian Muslim men were captured or surrendered before almost 8,000 were executed in the worst atrocity in Europe since World War II.

Politician Wilders was acquitted by a Dutch court in June on hate speech and discrimination charges for attacking Islam, including comparing the Koran to Hitler's "Mein Kampf".