Archive for December, 2008

Dec 30 2008

China National Defense White Paper 2008

Published by under Uncategorized

Asking for a little help here.  China releases a White Paper on National Defense every two years in December.  The last one was in 2006 and I haven’t seen the new one yet.  If anyone notices it, please leave a comment or drop me a line.  Thanks!

5 responses so far

Dec 29 2008

PRC Cyberwar Analysis RFP

Published by under Uncategorized

From FCW comes a short article about an RFP out for firms who can make an assessment about Chinese cyberwar capabilities and countermeasures.  Any takers?
Here is a link to the RFP.

8 responses so far

Dec 29 2008

Chinese hacker’s Xmas card

Published by under Hacking for money

This year, just as every year, Chinese hackers have been sending out Christmas cards to all their friends.  Remember, you’ll probably be getting one for New Year’s too:

Nguyen Minh Duc, the manager of Bach Khoa’s application security group, said that XmasStorm originated in China. Hackers have registered at least 75 domain names relating to the malware campaign’s holiday theme in the last month, including “superchristmasday.com” and “funnychristmasguide.com.” According to WHOIS searches, those domains were registered to a Chinese address on Dec. 1 and Dec. 19, respectively.

Comments Off

Dec 24 2008

Merry Christmas from the crew at TDV

Published by under Uncategorized

We are givers, that’s why.

4 responses so far

Dec 23 2008

Chinese hacker defaces Taiwan DPP website

Published by under Nationalism,Taiwan

Defaced DPP website

Defaced DPP website

A Chinese hacker (elder brother Ma) has defaced the website of the Taiwanese Democratic Progressive Party with the 5-star flag of mainland China to protest the release of Chen Shuibian by a Taiwanese court.  Chen is on trial for embezzlement.


Comments Off

Dec 22 2008

China may strengthen laws against hacking

Published by under Uncategorized

Internal hacking looks like it is having an impact on Chinese business/e-commerce and the government is considering legislation to both clarify the law and increase criminal penalties.

The article makes it very clear that China will retain jurisdiction over all of these cases and no citizen will be sent to a foreign country for trial.

BEIJING, Dec. 22 (Xinhua) — Computer hackers could meet tough penalties under a draft amendment of the criminal law being debated by China’s top legislature.

The draft amendment under review by the Standing Committee of the National People’s Congress (NPC) would impose steep fines and prison sentences of three-to-seven years, depending on the severity of the offense.

The existing criminal law only imposes penalties on hackers who break into government, military and scientific research institutes’ computer systems.

2 responses so far

Dec 21 2008

Heartache and pain

Published by under Uncategorized

According to our Google hit count, 99.99% of the world’s population has searched for the “Kappa Girl” video.

The “producer” of said video, only reported as U/I Huang, has been arrested by Shanghai police for distributing obscene material.

Huang will be sorely missed.

4 responses so far

Dec 21 2008

About that new theme thing…

Published by under Uncategorized

Thanks to the people who took the time to comment and give us feedback on the brief appearance of the new theme.  We had some positive and negative responses but in the end, the darn thing was just too much trouble.  Probably my fault more than the authors.  Couldn’t get the widgets to activate with the WordPress interface and it looks like all the pages would need to be edited.

Also, it looks like besides grammar problems, I have reading comprehension difficulties as well.  It was not Jumper’s comment on grammar it was another reader’s. Sorry!

Ever had one of those weekends where nothing works out?

Comments Off

Dec 19 2008

New theme and whoops!

Published by under Uncategorized

MORE STUPID  UPDATES: Let’s face it I’m bored and have decided off of two comments to put the theme back.  Might kill the two comments again but I’m willing to take that chance.

UPDATE: Never mind, hated it and changed back

Thought I’d throw up a new theme to see if you guys liked it better, or hated it.  I’m never sure about these things.  It seems to wrap on all graphics and I can probably fix that (God I’d hate to do it on all the posts).  Probably mess around with the banner also and put back the RSS feed and stuff.  Don’t know why it didn’t transfer, probably because the other theme was two column.

So, comment away if you want to keep the new or go back to the old.

Also, accidentally deleted a few comments in the tranfer, not sure how that happened.  One was Jumper correcting my grammar so that was kinda cool. Apparently I can’t read either, it wasn’t Jumper’s comment.  Mea Culpa! :)

8 responses so far

Dec 19 2008

How much money does a Chinese hacker gang make?

yuan

Introduction: Rambling thoughts

There is an old military expression that says, “Amateurs study strategyprofessionals study logistics.” Logistics is the ability to drive the train, to make sure that the troops have the capability to accomplish the strategy.  What are the logistics behind a Chinese hacker attack?

1) Computers

2) Personnel

3) Transportation (Access to the internet)

3) Knowledge

4) Malware (Trojans, Viruses….etc)

5) Programs (Scanners, Dictionary attack tools…etc)

6) Money

7) More?

There is also a formula for determining threat analysis:

1) Intent:  Without the intent to do harm, the threat assessment is considered minimal.  Friends and allies are considered extremely low-level threats even if they have the capability to cause great destruction.  Capability without intent lowers the risk factor considerably.

Clearly, Chinese hackers have demonstrated intent in the form of nationalism and monetary gain. CHECK

2) Capability:  Does an adversary have the means to carry out the threat?  While the enemy may wish to do you great harm, without capability it means little.

With a number of governments scrambling to secure and/or repair their information systems, there is little doubt Chinese hacker have the capability. CHECK

3) Motivation:  The determination to carry out and sustain the attack.

Motivation started in the form of nationalism but quickly turned to cash.  Either way, the motivation to continue and sustain attacks is still present and shows no sign of decreasing.  CHECK

So, what binds these rambling thoughts?  Money, money money!  Without the financing to support their logistics, operations come to a standstill.  Pull out logistics and you lose capability, leaving only intent.

Final random thought: A reporter once asked Willy Sutton, a bank robber, why he robbed banks?

“Because that’s where the money is”

-Willy Sutton, Bank Robber

And Now, back to your regularly scheduled program:

From Chinanews.com, the Wuxi court has found a gang of six Chinese hackers guilty of running phony websites designed to steal the passwords of online gamers.  In less than half a year, the crew had earned over one million yuan (USD 146,000).

In July of 2007, the defendant, Mr. Ma, learned of a method to hijack domain name servers in order steal account names and passwords from online gamers.  He then asked his co-conspirator, Mr. Peng, to write the hijacking program.

In August and September of last year, Mr Ma brought four other members into the gang and together they developed a scheme to get rich.  In order to carry out the crime, the group invested 22,000 yuan (USD 3,200) in a computer, server and room rental.

Peng’s program was used to capture the domain name servers in ten provinces and cities such as Jiangsu Province, Liaoning Province, Shanghai, Chongqing…etc.  After a user register for the website, they would automatically be redirected to the gang’s forged website.

The gang members were sentenced from 1-4 years for the crime.

2 responses so far

Next »