Oct 21 2008

Underground Chinese tools for “Massive SQL Injection” attacks

Published by at 3:49 pm under Chinese Malware,Hacking for money

Yesterday we posted a story about Chinese hackers gaining unauthorized access to the Japanese Oil and Gas Corporation (JOGMEC), using an SQL injection attack.

Today, Dancho Danchev examines a tool created by the Chinese IT underground designed for just such a purpose:

…the Chinese IT underground has been closely following the emerging threats and the obvious insecurities on a large scale, and so is either filling the niches left open by other international communities, or coming up with tools setting new benchmarks for massive SQL injection attacks…

Just like everthing that Dancho puts out, his analysis of the SQL injection tool is worth the read!

2 responses so far

2 Responses to “Underground Chinese tools for “Massive SQL Injection” attacks”

  1. jumperon 21 Oct 2008 at 4:26 pm

    The site that Dancho references is:


    According to the message board there, they will have an English version in a few months.

    Also check out http://www.wolfexp.net/forum/redirect.php?tid=6102&goto=lastpost

    Not everyone is happy about the release of this tool.

  2. gao yulongon 22 Oct 2008 at 3:30 am

    On October 20, Microsoft China announced that they would release an anti-piracy patch in China called the “Black Screen of Death” to combat pirated versions of Windows XP Professional and Microsoft Office software. Hours after the release, Chinese Internet users asserted that Chinese hackers have already broken the anti-piracy patch. It is not yet confirmed whether the hackers have been able to crack all the anti-piracy patch specifications….heard any leads??