...
- All of the usual risks of compromised SSL private keys apply, but when it is a wildcard certificate the impact of exposure is magnified enormously.
- Network Eavesdropping Attack (Passive): if a wildcard certificate is compromised, an attacker with access to the network can sniff and decrypt all of the traffic to all SSL websites for the wildcard domain.
- Man-in-the-Middle Attack (Active): if a wildcard certificate is compromised, an attacker with access to the network can sniff, decrypt, change, and replay all of the traffic to all SSL websites for the wildcard domain.
- Impersonation Attack: if a wildcard certificate is compromised, the attacker can use it to stand up new hostnames or impersonate existing sites (when combined with phishing, or with hosts-file or DNS cache poisoning) anywhere under the wildcard domain, leading users to an attacker's site instead of a trusted site even though they see a trusted, valid SSL certificate.
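A defender's first question after a suspected key exposure is the blast radius: which hostnames does the certificate actually cover, and which existing sites could be impersonated with it? The script below is an added example, not from the original page; it assumes the certificate's subject alternative names (SANs) have already been extracted into a list of strings, and the SANs and host inventory it uses are constructed sample data. It applies the strict RFC 6125 interpretation of wildcard matching (the wildcard must be the entire leftmost label and covers exactly one label), so `*.example.com` covers `www.example.com` and any not-yet-existing name such as `login.example.com`, but not `example.com` itself nor `a.b.example.com`.

```python
"""Scope a certificate's SANs against a host inventory to size the impact of a key compromise.

Added example, not from the original page. Assumes SAN strings were extracted
from the certificate beforehand; all names below are constructed sample data.
"""
from __future__ import annotations

from typing import Iterable


def _labels(name: str) -> list[str]:
    """Normalise a DNS name: lowercase, drop a trailing dot, split into labels."""
    return name.lower().rstrip(".").split(".")


def is_wildcard(san: str) -> bool:
    """True for a SAN of the form '*.example.com'.

    The wildcard must be the whole leftmost label, and at least two more labels
    must follow so that '*.com' (a whole public suffix) is never accepted.
    """
    labels = _labels(san)
    return (
        len(labels) >= 3
        and labels[0] == "*"
        and not any("*" in label for label in labels[1:])
    )


def san_matches(san: str, host: str) -> bool:
    """Does this SAN make the certificate valid for `host`?

    Exact names match label-for-label (case-insensitively). A wildcard covers
    exactly one label, so the label counts must be equal and every label after
    the wildcard must be identical. Partial wildcards such as 'f*.example.com'
    are treated as non-matching (the strict RFC 6125 reading).
    """
    san_labels, host_labels = _labels(san), _labels(host)
    if not all(host_labels):              # reject empty labels, e.g. '.example.com'
        return False
    if "*" not in san:
        return san_labels == host_labels
    if not is_wildcard(san):
        return False
    return len(san_labels) == len(host_labels) and san_labels[1:] == host_labels[1:]


def exposure(sans: Iterable[str], inventory: Iterable[str]) -> dict[str, list[str]]:
    """Map each SAN to the inventory hosts an attacker holding the key could impersonate."""
    hosts = list(inventory)
    return {san: sorted(h for h in hosts if san_matches(san, h)) for san in sans}


# Constructed sample data: a wildcard certificate and a fleet inventory.
SAMPLE_SANS = ["*.example.com", "example.com"]
SAMPLE_INVENTORY = [
    "www.example.com",
    "api.example.com",
    "example.com",
    "a.b.example.com",   # second-level subdomain: NOT covered by *.example.com
    "www.example.net",   # different registered domain: not covered at all
]


if __name__ == "__main__":
    for san, covered in exposure(SAMPLE_SANS, SAMPLE_INVENTORY).items():
        kind = "wildcard" if is_wildcard(san) else "exact"
        print(f"{san:18} ({kind}) covers: {', '.join(covered) or '-'}")
    # A wildcard also vouches for hostnames that do not exist yet.
    print("login.example.com covered:", san_matches("*.example.com", "login.example.com"))
```

Running this against a real inventory (from DNS zone exports or an asset database) tells the response team which sites must be treated as impersonable until the certificate is revoked and replaced; the list of hosts matching a wildcard SAN is also the list of sites whose traffic shares the one exposed key. Note that the passive decryption risk above applies to sessions negotiated without forward secrecy; with ephemeral key exchange the compromised key still enables the active and impersonation attacks.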
References: