Jun 18 2008

Dear Chinese hacker master, I have a question…

Published by at 9:30 pm under Chinese Malware,Hackers Talking,Hacking for money

Dear Chinese hacker master,

Sadly, I have all these compromised computers just laying around the place and don’t know what do with them, could you please help?!?

- Confucius…sed amateur

Dear Confused,

No need to be embarrassed, we have all experienced this dilemma at one time or another. Let me offer a few simple solutions to this common problem:

  1. Steal virtual property from the compromised computer. Take their game account ID, QQ number and Q money.
  2. Steal real property from the compromised computer. Real property can consist of bank accounts or online stock speculator account numbers. There are many types of trojans designed specifically for getting the account numbers of online stock speculators.
  3. Steal people’s private data. Remember, just like the Edison Chen photo scandal, regular people can be extorted too if you threaten to release their explicit photos on the internet. Use their private information that could be harmful to blackmail them. If you steal commercial data such as financial reports and personnel records it can be used for your illegal benefit. Also, you can attempt to control their webcam in order to fill the desires of peeping toms.
  4. Use the victim’s connections to get illegal benefits. Perhaps you think your QQ number is insignificant, you don’t have QQ 秀 (unclear) or QQ money. Not so, your friends QQ numbers, your e-mail contacts and cellphone contacts are all targets for the attacker. The attacker can fake your identity to carry out all manner of illegal activity. Everyone’s personal connections have commercial worth. The most common example of this is the 12950 service that used groups of QQ numbers to send out trash/spam? information to steal money or the MSN virus that automatically sent out information to your friends to defraud them. NOTE: the 12590 service could refer to this: Optional service Game treasure box makes the mobile into a game machine. A mobile QQ can go anywhere, 12586 online entertainment (that has many strange old friends), 12590 interactive message service (that has various voice monsters), CRBT and MMS (that are full of fun, personalized ring tones and pictures that can be downloaded anytime)……your enjoyment with these features is endless!
  5. Plant rogue software on the compromised computer. This will make it automatically click online advertising for profit. This can really effect your online experience as I suspect everyone hates online pop-up ads. After the attacker controls a lot of compromised computers, they can force out ads and obtain profits from the ad owners. The number one reason for rogue software flooding is that many companies purchase rogue software developers’ advertisements. Other attackers use the rear platform? to covertly click on advertisements in order to gain profits. This causes the ad owner to waste money through invalid clicks.
  6. Use the compromised computer as a springboard (proxy server) to attack other computers. Any type of hacker attack can leave behind traces and in order to better conceal yourself, it is necessary to use many proxy jumps. The compromised computers can act as an agent and a scapegoat. The attacker can disseminate even more trojans and think of your computer as a downloading station. It is a possibility that network speed and performance will be improved with proxy servers.
  7. The compromised computer is the foot soldier to launch DDOS attacks. DDOS attacks can earn money for internet gangs or cyberwarfare (those who engage in it) as some people will hire these internet goons who initiate conflicts. Internet gang members can carry out an attack directly against their target and then blackmail the victim. Compromised computers are a chess piece for internet gangs and DDOS attacks have become a poisonous cancer for the internet.

Yep, a little fun in the beginning with this post (I made it up)  but the rest is a real list of uses for compromised computers put out by Chinese hackers.

I swear I heard the sound of people flipping their webcams towards the ceiling after reading number 3.

UPDATE: Hat-Tip to Therese who sets me straight on the definition of QQ 秀:

QQ 秀 == QQ “Show”

It’s one of the things that you can spend QQB on. You purchase outfits and accessories to dress up your little avatar. It’s like putting on a show. Therese also provides a Flickr link to “patriotism QQ-Show.”

http://www.flickr.com/photos/keso/2421813915/

6 responses so far

6 Responses to “Dear Chinese hacker master, I have a question…”

  1. Thereseon 19 Jun 2008 at 7:42 am

    QQ 秀 == QQ “Show”

    It’s one of the things that you can spend QQB on. You purchase outfits and accessories to dress up your little avatar. It’s like putting on a show.

  2. Thereseon 19 Jun 2008 at 7:43 am

    http://www.flickr.com/photos/keso/2421813915/
    A flickr photo called “patriotism QQ-Show”

  3. Heikeon 19 Jun 2008 at 9:49 am

    Therese,

    Thank you very much for the definition of QQ Show; I have taken your comment and posted it on the main page with the article.

  4. GaoYuLongon 19 Jun 2008 at 7:26 pm

    I found your website about a montha ago…read it three or four times a week looking for updates. Wow!!!!!!! what wonderful service you provide. For those technically inclinded they won’t be dissapointed in your fact filled commentary. For those not so computuer oriented your simple yet easy to follow discussions can allow anyone the chance to understand what a threat chinese hackers are today worldwide.
    Often times I see you at DarkVisitor are breaking stories the media doesn’t cover or are far far behind the curve on.
    Since 1999 I have been helping to expose the crimes the CCP commits in the US. Last May in DC I attended a forum at the Raybourn Building by chinese students and former students enrolled in colleges stateside. Their discussion centered around the efforts of the Chinese government to get the students to spy for them.
    Returning recently from Flushing NY I wittenssed first hand steps the Chinese government would take in importing their unchecked violence in NY as though it was any street in Beijing see her
    http://www.motionbox.com/videos/7c9ad1bb181fe4f4 though not Hollywood quality it expresses visually the efforts of Pro CCP supports to challenge our countries resolve.
    Please keep up the great work….Xiadong Sheldon Meng is yet another example of China’s cyber war, by the way he was arrested here in Orlando , near the Mouse house at OIA.
    Warm Regards
    what a great site

  5. Heikeon 19 Jun 2008 at 10:14 pm

    Gao Yulong,

    Thank you so much for reminding me that cyberwarfare is not only about the technical ability to gain access to information systems, it also involves the concept of having physical contact in compromising them.

    The People’s Liberation Army often talks about “leap frog” technology to gain an advantage over the US but they also advocate using a wide-net approach to gathering information. This includes students studying overseas, tourists, foreign workers (employed outside of China)…etc.

    Chinese special forces, during wartime, are tasked with physical destruction of information systems.

    China has a holistic and comprehensive approach to problems, while we in the west tend to think linear.

    Nice to have someone keeping me honest and thinking on the Red paradigm vs. Blue.

  6. nisoon 06 Feb 2009 at 4:54 am

    hi i want to enter to the website http://www.liusystem.com it is not opening outside the university so plzzzzzzz i want you help give me an answer in a short time plz