May 19 2010

PRC based members of

Published by at 4:57 pm under Cyber Crime

@Jhaddix posted something that caught my attention on twitter earlier today. It mentioned that the well-known cc trading site had been compromised and that all of the user accounts, password hashes and some IP access logs were exposed here. I thought it might be interesting to find out if there were any well-known PRC connections so I quickly wrote a script to geolocate the IP addresses and found only one China-based IP (with a .ru email tld):

7742:N-Skyline:,2010,17:44:34 (Beijing)

There were some .cn email addresses too:

This is also interesting:

12519:bifrostilo:,2010,00:00:09 (HK)


As an afterthought – before people start commenting, I thought I should mention that I’m aware that .cn and geoip do not necessarily mean that the person using that IP address or tld is/are physically located in the PRC. Thanks for not commenting about that.

6 responses so far

6 Responses to “PRC based members of”

  1. Jesse Krembson 20 May 2010 at 10:11 am

    Culling all this data and them mapping it for geolocation and info-graphic would be interesting. Also did you do a web search of the names and emails mentioned?

  2. thePullon 21 May 2010 at 3:34 am

    Look. Is a hacker from a country other then China really going to use a Chinese email address? Why use an email address on a web site with such a foreign language as Chinese? Or, why pick a totalitarian country to base a false identity on?

    And what is the russian connection?

    I hate to bring up the old sino-russian spook story which I have read used to send shivers down the spines of cold war hawks. We all know how Russia and China have had border problems. But could there be some kind of allegiance having been formed between these two countries?

    I don’t get where China is getting their tactics from in all of this crazy S&T hacking. It doesn’t seem Chinese way of thinking at all. But, then again, Sun Tzu did write the book on war & spying. So who knows.

  3. gaoyulongon 06 Jun 2010 at 5:32 am

    I recently read on the internet about U.S. intelligence agencies have obtained a Chinese military book that will provide new insights into the Chinese military’s information-warfare plans.

    The book is being translated, but Inside the Ring obtained its table of contents, which reveals Beijing’s priorities for high-technology warfare using computers and electronic-warfare weapons.

    The 322-page book, “Information Warfare Theory,” was published in May 2007 and written by Wang Zhengde, president of the People’s Liberation Army Information Engineering University….
    Any idea’s what this may yield in terms of usefulness????

  4. alexon 09 Jun 2010 at 1:27 pm

    Well I think you have a point here. I recenctly heard that the China has admitted to censorhip of the internet. This is pretty harsh stuff bbut i think it is pretty free to get what you need there. But one has to be caustious and perhaps the us has a better idea to keep things flowing without censoship. They are going to regulate it as facebook is to complicated for me and I do not know where it is going. In any event , any comments appriciated.


  5. gao yulongon 10 Jun 2010 at 9:46 pm

    Jumper and friends, while surfing the net during my off times I read that:
    According to a report in the Washington Post on May 12, 2010, the State Department made a decision to fund the Global Internet Freedom Consortium (GIFC), a group run mainly by Falun Gong practitioners, which provides software that enables users to skirt Internet firewalls sponsored by oppressive regimes such as the Chinese Communist Party. State Department officials decided to fund GIFC in the amount of $1.5 million, according to an anonymous State Department official, who confirmed the offer.
    have you seen any other exchanges along these lines?
    GIFC has made it’s way into Iran as well,
    their site is here:

  6. alexon 17 Jun 2010 at 9:08 pm

    Here is some good old regulation type stuff without any of that censorship stuff. Also have some comments on the new bank card chip(s) security, accountability and of course some transparnecy (for whom and by whom is up for grabs it appears)

    ** WARNING **

    This connection has been refused.

    The Internet site you are attempting to access

    has been designated by a web classification service as

    containing material that contravenes

    the BC Government’s Internet usage policy.

    Click here for more information

    Blocked URL………..
    Category………………Proxy Avoidance
    Source IP Address…

    Gottta run but your stuff is interesting.