When users mistype a domain name, they are sometimes directed by their ISPs to a placeholder Web site with generic advertisements. This is typically an additional revenue source for the ISP. In the case of CNC, customers of this prominent ISP are directed to a Web site under the control of an attacker.
I have tried a bunch of CNC nameservers and it seems that they have the typo redirects turned off or I haven’t tried the right nameserver yet.
In case you aren’t aware of what DNS cache poisoning is, check out this wikipedia.org article.
SBS Dateline reporter, George Negus, conducts an interview with Chinese hacker Yang Zhao. Yang talks about the attacks on CNN, nationalism and intrusion methods. This is the Youtube version of the video and is shorter than the version found on the SBS Dateline website.
Johny Long, the well-known Google search hacker linked to a very interesting blog post on Stryde Hax about the controversy over Chinese gymnast He Kexin. In it, Stryde Hax uses some Google hacks on Baidu (the most popular Chinese search site) to come up with two cached spreadsheets that show He Kexin’s birth year as 1994 which would make her ineligible for the Olympics.
The documents were apparently removed from the government website where they were originally found. Then again – it could have been that the original government documents were wrong and her birth year has been 1992 all along. I can’t say for certain.
If you are interested in Google hacking, take a look at this TDV article.
Update: This article talks about the PRC response to the IOC requested investigation into He Kexin’s age. The response indicates that the paperwork that read 1994 instead of 1992 was in error. That’s probably the last we’ll hear about it except from the China bashers.
Update Two: The Stryde Hax blog has been updated with a link to another PRC government document that lists Jiang Yuyuan’s age as November 1, 1993. Google hacking is cool.
If you needed a university certificate in China during the last couple of months, there’s a big chance that a group of ten people could have supplied with you such, going a step further and adding your details in more than ten government databases across different provinces in the country, making $300k in the process.
Shanghai Daily is reporting on this sophisticated group of local hackers who were selling “valid” educational certificates by modifying government databases.
“Chinese online human hunting” has been a subject that has fascinated me ever since I first read the story of the “Bronze Mustache” in 2006. Somewhere in my gut, it left me with the impression that this was an important trend to watch. Why you ask? Why not I answer! Yep, got nothing.
Does this fascination stem from the demonstrated ability to cyber-mobilize, combined with cyber-vigilante justice? Okay, if that explanation works for you, it works for me. This really bugs me and I haven’t been able to put my finger on why this trend seems to be important to watch. It could very well be the catalyst that launched the category of “Chinese Hacker Hunting” on this blog…but that gets way too much into the realm of self-analysis and could leave me screaming into my pillow. Moving on.
So what is “online human hunting?” I could try and summarize the whole social mechanism but it would probably cross the line of “fair use.” China Supertrends gives an excellent explanation of “human flesh search engines.”
China: “Human Search” Invades Privacy
Over the past year or more, a concept known as “human search” (also referred to as an “Internet mob”) has grown in popularity in China. Unlike the more constructive pursuit known as “crowdsourcing,” where people worldwide connect to lend their creativity to some academic, artistic or business endeavor, human search involves people connecting via the Internet to track down information for one another, often to search for someone perceived as having done something wrong. A prime example of this came last week, when Chinese Internet users began a nationwide search for the father of Olympic air pistol gold medalist Guo Wenjun, who abandoned her 10 years ago and left her to the care of her coach. According to an August 12 Reuters story, although the search has not yet pinpointed the missing parent, tens of thousands of Web surfers and numerous chat rooms have reportedly joined the effort.
Any…FREE…insightful explanation on why my views makes sense would be greatly appreciated.
Xiao Chen, in a subsequent interview with the Shanghai Post, refuted all of CNN’s allegations and tearfully explained how all of this controversy had caused him to close his website hack4.com…he had struggled to create it…he had poured his heart and soul into it…and now was left with only had a handful of magic beans to show for his trouble.
I may be mixing my stories but he did elevate whining to an art form.
No need to worry, Xiao Chen pulled himself up, dusted himself off and managed to get back in the hacking game. Welcome to the new hack4.com , decorated in Olympic themed swirls guaranteed to never go out of style:
India is also suffering from the menaces of cyber war and cyber terrorism. Nobody cares about any these threats in India. Far more citizens were concerned of the Amarnath issue than by potential risks of nuclear conflict, or near-breakdowns in Net and mobile security. China’s intensified cyber warfare against India is becoming a serious threat to national security. In October 2007, Chinese hackers defaced over 143 Indian websites. In April 2008, Indian intelligence agencies detected Chinese hackers breaking into the computer network of the Ministry of External Affairs forcing the government to think about devising a new strategy to fortify the system. As a countermeasure, the Indian armed forces are trying to enhance their C4ISR capabilities, so that the country can launch its own cyber offensive if the need arises. Similarly, Pakistan is taking steps to intensify its cyber war propaganda against India with the help of its intelligence outfit, the ISI by carrying reports of alleged communal fissures taking place on the Indian side of Kashmir. Issues like these have to be resolved as well.