The NSA has published an advisory on the use of wildcard TLS certificates, which can be abused to carry out the Application Layer Protocol Content Confusion Attack (ALPACA) against TLS.

What is a wildcard certificate?

A wildcard certificate is a digital TLS certificate that organizations obtain from a certificate authority. Through the use of a wildcard character, the certificate can be applied to a domain and to all of its subdomains. Organizations use it to reduce costs and simplify management.

Nonetheless, it creates a security issue.

A serious threat indeed

  • The NSA alerted that cybercriminals can exploit wildcard TLS certificates to decrypt TLS-encrypted traffic.
  • Anyone with a private key linked to a wildcard certificate can impersonate the sites and gain access to credentials and protected data.
  • An attacker who compromises a server in this way can go on to compromise the entire organization.

In its warning, the NSA has urged organizations against the use of wildcard TLS certificates. The NSA has also laid out technical guidance to help secure the DoD, National Security Systems (NSS), and Defense Industrial Base (DIB).
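To see how far a single wildcard key reaches, the added example below (not code from the NSA advisory) lists which hosts in an inventory a certificate's wildcard names are valid for. The certificate dictionary follows the layout returned by Python's `ssl.SSLSocket.getpeercert()`; the hostnames, the sample certificate and the function names are constructed for illustration.

```python
# Added example: measure how many hosts one wildcard certificate key can impersonate.
# The input uses the dict layout returned by ssl.SSLSocket.getpeercert().

def wildcard_matches(pattern: str, host: str) -> bool:
    """True if a '*.suffix' dNSName covers host (the wildcard is exactly one leftmost label)."""
    pattern, host = pattern.lower().rstrip("."), host.lower().rstrip(".")
    if not pattern.startswith("*."):
        return False
    suffix = pattern[1:]                      # e.g. ".example.test"
    if not host.endswith(suffix):
        return False
    left = host[: -len(suffix)]
    return bool(left) and "." not in left     # one label only: not the apex, not a.b.example.test


def wildcard_scope(cert: dict, inventory: list[str]) -> dict[str, list[str]]:
    """Map each wildcard SAN in cert to the inventory hosts it is valid for."""
    sans = [v for kind, v in cert.get("subjectAltName", ()) if kind == "DNS"]
    return {
        name: sorted(h for h in inventory if wildcard_matches(name, h))
        for name in sans if "*" in name
    }


# Constructed sample data (assumption, not from the advisory).
SAMPLE_CERT = {
    "subject": ((("commonName", "*.example.test"),),),
    "subjectAltName": (("DNS", "*.example.test"), ("DNS", "example.test")),
}
SAMPLE_INVENTORY = [
    "www.example.test", "mail.example.test", "ftp.example.test",
    "vpn.example.test", "example.test", "db.internal.example.test",
]

if __name__ == "__main__":
    for name, hosts in wildcard_scope(SAMPLE_CERT, SAMPLE_INVENTORY).items():
        print(f"{name}: key is valid for {len(hosts)} hosts -> {', '.join(hosts)}")
```

Every host listed for a wildcard name shares the same private key, so the list is the set of services that must be treated as exposed if any one of them is compromised.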

The ALPACA attack

The ALPACA attack was disclosed in June and can be exploited due to the use of wildcard certificates.
  • This attack allows the attacker to confuse web servers running various protocols into responding to encrypted HTTPS requests via unencrypted protocols, such as FTP, IMAP, and POP3.
  • It leads to the extraction of session cookies and other private user information.
  • In addition, it enables the attacker to execute arbitrary JavaScript in the context of the exposed web server, bypassing TLS and web app security.
  • According to researchers, around 119,000 web servers are still exposed to the new ALPACA attacks. The advisory urges organizations to check if their web servers are vulnerable.


The security guidelines in the NSA advisory aim to help organizations protect their servers from the attacks described above. The advisory suggests multiple mitigations, including the use of an application gateway or web application firewall, DNS encryption, DNS security validation extensions, and enabling Application-Layer Protocol Negotiation (ALPN). Apart from these measures, it should go without saying that organizations should apply the latest security patches and updates as soon as they are released.

Cyware Publisher