Archive for August, 2008

Aug 28 2008

Chinese hacker malware infects International Space Station?

Published by under Chinese Malware

Breaking news is that the International Space Station has been infected by the W32.Gammima.AG trojan. The trojan is also referred to as the kavo.exe virus and is designed to gather information on ten online games:

ZhengTu
Wanmi Shijie or Perfect World
Dekaron Siwan Mojie
HuangYi Online
Rexue Jianghu
ROHAN
Seal Online
Maple Story
R2 (Reign of Revolution)
Talesweaver

Not familiar with all the games but most are Chinese or Korean. Chinese hackers specialize in stealing online gaming information. Symantec also offers up this bit in its writeup:

The worm ends the Matrix Password process if it finds a dialog box with the following characteristics:
Title: MatrixPasswordDlg
Message: Warning! (In Chinese characters)

Will check more into the origin of this malware later today but all indicators suggest that it could be Chinese.

Aug 27 2008

Taiwan breaks up hacking ring

Published by under Taiwan

This AFP/Google News article is very short on detail. Perhaps some of our readers in Taiwan can comment on the local media reporting. From the article:

Police in Taiwan have arrested six people suspected of stealing personal data from state firms, including information about the island’s current and former presidents, officials said Wednesday.

Aug 22 2008

CNC DNS Server Cache Poisoning

Published by under Hacking for money

From Websense Labs (thanks to ZDNet blogs):

When users mistype a domain name, they are sometimes directed by their ISPs to a placeholder Web site with generic advertisements. This is typically an additional revenue source for the ISP. In the case of CNC, customers of this prominent ISP are directed to a Web site under the control of an attacker.

I have tried a bunch of CNC nameservers and it seems that they have the typo redirects turned off or I haven’t tried the right nameserver yet.

In case you aren’t aware of what DNS cache poisoning is, check out this wikipedia.org article.

Aug 22 2008

Chinese hackers killed Whoopy, you bastards!

Published by under Hacking for money,UK Attacks

I am wrong…very, very wrong. This is not funny (but it is hilarious) and I know better than posting other people’s pain. From the European WoW forum:

Aug 21 2008

China’s Cyber Warriors and nationalism

SBS Dateline reporter, George Negus, conducts an interview with Chinese hacker Yang Zhao. Yang talks about the attacks on CNN, nationalism and intrusion methods. This is the Youtube version of the video and is shorter than the version found on the SBS Dateline website.

Aug 20 2008

Google hacking the Olympics

Published by under Uncategorized

Johnny Long, the well-known Google search hacker, linked to a very interesting blog post on Stryde Hax about the controversy over Chinese gymnast He Kexin. In it, Stryde Hax uses some Google hacks on Baidu (the most popular Chinese search site) to come up with two cached spreadsheets that show He Kexin’s birth year as 1994, which would make her ineligible for the Olympics.

The documents were apparently removed from the government website where they were originally found. Then again – it could have been that the original government documents were wrong and her birth year has been 1992 all along. I can’t say for certain.

If you are interested in Google hacking, take a look at this TDV article.

Update: This article talks about the PRC response to the IOC requested investigation into He Kexin’s age. The response indicates that the paperwork that read 1994 instead of 1992 was in error. That’s probably the last we’ll hear about it except from the China bashers.

Update Two: The Stryde Hax blog has been updated with a link to another PRC government document that lists Jiang Yuyuan’s birth date as November 1, 1993. Google hacking is cool.

Aug 19 2008

China hacker gang issues diplomas…goes to jail

Published by under Hacking for money

Via Dancho Danchev

If you needed a university certificate in China during the last couple of months, there’s a big chance that a group of ten people could have supplied you with such, going a step further and adding your details in more than ten government databases across different provinces in the country, making $300k in the process.

Shanghai Daily is reporting on this sophisticated group of local hackers who were selling “valid” educational certificates by modifying government databases.

Looking for higher education? Read it here: China hacker gang busted

Aug 18 2008

Chinese online human hunting! Something to watch…and I don’t have a clue why.

Published by under Uncategorized

“Chinese online human hunting” has been a subject that has fascinated me ever since I first read the story of the “Bronze Mustache” in 2006. Somewhere in my gut, it left me with the impression that this was an important trend to watch. Why, you ask? Why not, I answer! Yep, got nothing.

Does this fascination stem from the demonstrated ability to cyber-mobilize, combined with cyber-vigilante justice?  Okay, if that explanation works for you, it works for me. This really bugs me and I haven’t been able to put my finger on why this trend seems to be important to watch.  It could very well be the catalyst that launched the category of “Chinese Hacker Hunting” on this blog…but that gets way too much into the realm of self-analysis and could leave me screaming into my pillow. Moving on.

So what is “online human hunting?” I could try and summarize the whole social mechanism but it would probably cross the line of “fair use.”  China Supertrends gives an excellent explanation of “human flesh search engines.”

Finally, sciam.com provides a current report on how this trend is progressing:

China: “Human Search” Invades Privacy
Over the past year or more, a concept known as “human search” (also referred to as an “Internet mob”) has grown in popularity in China. Unlike the more constructive pursuit known as “crowdsourcing,” where people worldwide connect to lend their creativity to some academic, artistic or business endeavor, human search involves people connecting via the Internet to track down information for one another, often to search for someone perceived as having done something wrong. A prime example of this came last week, when Chinese Internet users began a nationwide search for the father of Olympic air pistol gold medalist Guo Wenjun, who abandoned her 10 years ago and left her to the care of her coach. According to an August 12 Reuters story, although the search has not yet pinpointed the missing parent, tens of thousands of Web surfers and numerous chat rooms have reportedly joined the effort.

Any…FREE…insightful explanation on why my views make sense would be greatly appreciated.

Aug 18 2008

CNN’s angry Chinese hacker Xiao Chen returns

In March of this year, CNN ran a story about Xiao Chen and his organization of hackers, reporting that the group had broken into the Pentagon and received payments from the Chinese government.

Xiao Chen, in a subsequent interview with the Shanghai Post, refuted all of CNN’s allegations and tearfully explained how all of this controversy had caused him to close his website hack4.com…he had struggled to create it…he had poured his heart and soul into it…and now was left with only a handful of magic beans to show for his trouble.

I may be mixing my stories but he did elevate whining to an art form.

No need to worry, Xiao Chen pulled himself up, dusted himself off and managed to get back in the hacking game. Welcome to the new hack4.com, decorated in Olympic-themed swirls guaranteed to never go out of style:

Aug 16 2008

Chinese hackers and India cyber forensics

Published by under India Attacks

India considers attacks on its information network by Chinese hackers a threat to national security:

(f) Cyber War and Cyber Terrorism in India

India is also suffering from the menaces of cyber war and cyber terrorism. Nobody cares about any of these threats in India. Far more citizens were concerned of the Amarnath issue than by potential risks of nuclear conflict, or near-breakdowns in Net and mobile security.[2] China’s intensified cyber warfare against India is becoming a serious threat to national security. In October 2007, Chinese hackers defaced over 143 Indian websites. In April 2008, Indian intelligence agencies detected Chinese hackers breaking into the computer network of the Ministry of External Affairs, forcing the government to think about devising a new strategy to fortify the system. As a countermeasure, the Indian armed forces are trying to enhance their C4ISR capabilities, so that the country can launch its own cyber offensive if the need arises.[3] Similarly, Pakistan is taking steps to intensify its cyber war propaganda against India with the help of its intelligence outfit, the ISI, by carrying reports of alleged communal fissures taking place on the Indian side of Kashmir.[4] Issues like these have to be resolved as well.
