Archive for March, 2009

Mar 29 2009

Chinese hackers steal Dalai Lama’s documents

Published by under India Attacks, Other attacks

UPDATE: The full report on Ghostnet is available here.

The group Information War Monitor conducted a 10-month investigation into the activities of Chinese hackers and their final report will be released on Monday:

A China-based cyber spy network has hacked into government and private systems in 103 countries, including those of many Indian embassies and the Dalai Lama, an internet research group said here Saturday.

The Information Warfare Monitor (IWM), which carried out an extensive 10-month research on cyber spy activities emanating from China, said the hacked systems include the computers of Indian embassies and offices of the Dalai Lama.


Mar 28 2009

Israeli company uses Chinese hacker tool against Hezbollah

Published by under Chinese Malware

Just damn, damn, damn.

When a reporter makes several attempts to contact you, get back with the guy.  The author of this article, Oded Yaron, tried numerous times to get in touch with me and we missed each other.  My fault, not his.  He still gave our website a plug without mentioning that one of the people that blogs here is a real jackass.  Thanks!

My apologies to Mr. Yaron and from his report, Virtual battleground attacks Hezbollah’s soft underbelly:

Last week, while trying out breaking-in tools developed by Chinese hackers, an Israeli Network security company, Applicure, brought down the Hezbollah Web site, using no more than 10 bots, which are computers controlled by hackers.


Mar 26 2009

2009 Annual Report to Congress on Military Power of the PRC

Published by under Uncategorized

The 2009 Annual Report to Congress on the Military Power of the People’s Republic of China is out.  Yes, it does talk about cyber warfare and hacking, enjoy.

Here is your link to the PDF file.


Mar 25 2009

Economic downturn, Chinese hacker upturn

Published by under Hacking for money

Hackers gotta eat too.

Robert McMillan, from IDG News Service, provides another great article looking at the Chinese cybercrime industry:

With China’s economy cooling down, some of the country’s IT professionals are turning to cybercrime, according to a Beijing-based security expert.

Speaking at the CanSecWest security conference last week, Wei Zhao, CEO of Knownsec, a Beijing security company, said that while many Chinese workers may be feeling hard times, business is still booming in the country’s cybercrime industry.

Read the full article on China Becoming the World’s Malware Factory


Mar 24 2009

China Spy: Out of the rain

Published by under Other attacks

This was provided via Terri at Tipping Point (a must read blog):

I’ve been out of the loop for a bit lately, the real world has been calling.  Terri makes a great point that this is an important article to understand:

A veteran Chinese intelligence officer who defected to the United States says that his country’s civilian spy service spends most of its time trying to steal secrets overseas but also works to bolster Beijing’s Communist Party rule by repressing religious and political dissent internally.

Read more here:


Mar 21 2009

via China more friend than foe, says white hat

Published by under Uncategorized

Zhao Wei, CEO of Knownsec (aka icbm, formerly with Venustech and McAfee) gave a presentation at the recent CanSecWest security conference. The presentation was covered by yesterday. In the presentation, Mr. Zhao asserts that all of the attacks that are coming from China are the result of its many compromised computers. Further, any country that wanted to launch a targeted attack on its adversaries could use China as a jumping-off point in order to hide their true origin.


Many people who haven’t been involved in studying targeted attacks would probably agree with this assessment.  There is a lot of malicious traffic coming from China.  It tends to get noticed by organizations that don’t have any business in China.  There is a lot of truth to ICBM’s presentation and it seems likely that Chinese hackers don’t control all of the Chinese bots.

However, it isn’t just the IP address that we have to go on. In many cases, it is the type of information that the attacker took from the compromised target that indicated their origin. There are a lot of similarities between attacks on Chinese dissident groups, Defense, government and contractors that warrant a closer look. Commenters on articles like this usually note that the US, UK and EU are all doing this too. That may be the case, but there isn’t nearly as much press out there speculating about countries other than China (and Russia). Well, there is a small bit about Germany at least.



Mar 10 2009

Chinese hackers break iTunes gift card algorithms

Published by under Hacking for money

From Techspot:

Apple may have a big problem on its hands with iTunes gift cards. According to Chinese record industry consultancy firm, Outdustry, the algorithm behind the cards has been cracked and as a result $200 voucher codes are being sold for as little as $2.60 online.

Read the rest here.


Mar 04 2009

International Women’s Day, next target for Chinese hackers

Published by under Hacking for money

Warnings are going out from Chinese anti-virus companies to use caution when shopping online for women’s clothing.

International Women’s Day will be celebrated around the world on 8 March and security personnel have issued a warning that fashion websites are highly attractive targets for Chinese hackers.

Who knew?
