Dec 08 2007
Who is this guy?
He is the “Withered Rose”. Just as mentioned in Time’s article, his website is undergoing renovation and my guess is that it will be doing so for a good long time. However, his blog is up and doing well. The new site is at mghacker.com and has been running since March of 2007. The mg probably stands for Mei Gui (玫瑰), the Pinyin for Rose in Chinese. Won’t go into too much detail about all the stuff on his blog since the most important stuff has been covered, but it does contain some noteworthy stuff.
My guess is the Time’s reporter had some sort of agreement with Rose and his buddies not to take their photos for the article…me, no such agreement:
Never understand why Chinese hackers refuse to put a picture in their “About” page but then plaster them all over their website…who knows.
Blog name: Withered Rose’s Blog
Website Admin’s nickname: Withered Rose
Blood type: (What the hell?) Either way, Withered Rose ain’t tellin’.
Your sign: Not giving this up either
Personal Quote: “The pursuit of hacker technology is my life.”
Hobbies: Computers/Networks/Traveling/Hot Chicks (Yeah…)
One of the first posts on his blog is the most revealing and damning thing I have ever seen a Chinese hacker write. It is very different from the interview provided to the Time’s reporter, although I thought he (the reporter) put enough sarcasm in the article to show how much he believed what they were saying.
NOTE: This is not a verbatim translation, just a gist of what I consider the important points.
According to Rose, it is 3:00am and he has been gaming. Rose checks on the penetration results of the targeted computer. Just a hacker’s job he explains. This is where it starts to get good. “True professional hackers don’t hack inside the country (China) because China is too poor and there is no money in it; furthermore, it is also very dangerous.” Guess I don’t have to list this guy under patriotic hackers. Rose doesn’t know if he is a professional hacker but feels he is progressing.
Rose goes on to say that the days of attacking the single server are over, that the interconnected servers don’t have any significant data. The big-name companies, organizations, major governments, militaries, and Sci-Tech organizations all have their own file servers.
Rose’s preferred method of attack is through social engineering and he says he has plenty of experience at it. First you get the sensitive information off the organization or institute’s public website. This period is called the collection stage. He notes that all the large companies maintain employee databases and that these contain the userids, passwords and mailboxes. Using the user’s identification you can search on the internet to find out where they go and what they do. It is important to do analysis on the userids of the major figures. It is possible to obtain their login and password at other sites they visit.
According to Rose, mailboxes are the most useful. You can get thousands of mailbox addresses from one database. Next, simply send out thousands of emails with Trojans attached and one or more of the employees is going to open it.