
I checked and the cert from gmail.com for me is from Thawte. Is this a targeted attack toward only those in Iran?


I think so. This kind of thing is almost always a targeted attack.


The Thawte certificate is the certificate issued to Google by request of Google. This certificate is apparently being used to MITM connections to Gmail that originate inside Iran. Outside of Iran BGPing a major ISP into routing through them, or setting up a standard "phishing" mirror site, no one outside of Iran should worry much.

It still is a good idea to blacklist that root certificate on your internet devices though. If this certificate is being used, who knows what other websites it has issued legitimate but malicious certificates for.


No one outside of Iran should worry about this particular Google cert, you mean.

The obviously compromised root CA shipped by default in every computer in operation is something we very much should worry about. Who else has access to DigiNotar's cert? Surely there are players out there willing to pay more than Iran is...


Of course you should worry. The attacker may have sold the cert to other parties, not just Iran. Or if it was Iran directly, they may sell the certs to other parties to make a pretense of deniability.


Most likely. It would be pretty impressive if the Iranian government were able to MITM every Gmail user in the world.


Impressive? Do you remember the news that China published routing that sent all traffic for Facebook through Beijing? Given that the China Internet Network Information Center (CNNIC) root CA comes with every browser these days, all it takes for a hostile entity is a fake BGP advertised route through a compromised router to make that happen.


...and issued directly by Google for *.google.com



