The Dark Visitor

The researchers at InfoWar Monitor and Shadow Server have released a great research paper that adds to the Ghostnet report from last year. TDV gets a plug in the report for our chat with lost33.

The article from Alibaba reports that the website was down on Tuesday but as of a few moments ago when I checked, it was back up and running:

The post-90 generation teens that run 2009.90admin. com, wrote on their website, “We are not Internet attackers, we are just a group of computer fans; we are not mentally handicapped kids, we are the real patriotic youth. We’ll target anti-China websites across the nation and send it as a birthday gift to our country.”

The site was the subject of hot debate on the Chinese version of twitter but could not be viewed Tuesday. Efforts to reach the site’s operators were unsuccessful.

The 500-word statement appeared over a red and black background decorated with a flying national flag.

Taiwanese organizers in Kaohsiung, Taiwan’s second largest city, plan to show the controversial film, “Ten Conditions of Love” next month, sparking outrage in the Chinese hacker community once again.  Given the fact that it is Taiwan, it is doubly outrageous. 

The film’s showing in Melbourne last month sent Chinese hackers on a mini-rampage, see here, here, here and here.

Now all eyes turn to the Taiwanese film festival:

Anonymous hackers have attacked a Taiwan film festival over plans to screen a documentary on the US-based leader of China’s predominantly Muslim Uighur minority, festival organizers said Tuesday.

A message, posted on a blog run by one of the organizers of the Kaohsiung Film Festival, blamed Rebiya Kadeer for recent bloody unrest in northwest China’s Xinjiang region, which is home to the Turkic-speaking Uighurs.

“I don’t know if you heard about the violence (in Xinjiang) and if you know how many people were left homeless. It is all because of that woman,” said the message, referring to Kadeer.

Hong Lei

More on Tomato Garden and the arrest of Hong Lei, the author of the pirated software.  Online polls show massive support for Hong Lei as a nationalist hero:

The Chinese IT community is abuzz with news of the arrest of Hong Lei, distributor of the popular “Tomato Garden” pirate version of Windows XP, which means the popular unlocked version of the Microsoft software will no longer be available.

According to Sina.com, more than 90 percent of users they surveyed are or were users of Tomato Garden pirate editions. And 79 percent said they were on Tomato Garden’s side. Less than 5 percent said they supported Microsoft.

The Wall Street Journal has some interesting interviews with people inside China concerning the case and the drivers behind the software theft.

Running through the headlines this morning at PLA Daily and saw an article concerning a CNN poll that has angered Chinese netizens.  The survey asked if Ma Ying-jeou, Taiwan’s current president, should step down over his administration’s handling of typhoon Morakot.  Over 80% of the people responding felt that he should.  This poll, which has now been pulled by CNN, ran in the Taiwanese media but has since carried over into mainland forums sparking outrage.

Comments in a blog at ifeng.com,  which has been viewed 22,473 times and received 106 comments, summarizes the feeling of mainland Chinese netizens:

- Mainland China and Taiwan already have a difficult situation, I hope that Ma Ying-jeou can weather this crisis and continue his great undertaking of peaceful reunification

- Isn’t there a saying about not being “too CNN”!

- This diaster is all brought about by so-called democratic elections.  The DPP uses lawyers to rule the country and the Guomindang uses academics to rule the country, they are both horrible.  Western elections aren’t suitable to Easterners, they cause social unrest!  There isn’t anything beneficial for the people, just a bunch of thieves!!

- The US is afraid of the daily expansion in the harmonious development between the mainland and Taiwan so they increasingly exaggerate these dishonest reports!  CNN is no longer viewed as a celebrated media source to the Chinese people.   To hell with Uncle Sam!

- Don’t be too CNN

- It is because Ma Ying-jeou’s mainland policy scares CNN, they are afraid China knows what it is doing, they are afraid of reunification

- Drive the American imperialists out of China

- I first saw the CNN report on TV and a Washington Post poll that said 82% wanted Ma Ying-jeou to step down.  My first reaction was that this was a US dirty trick to oppose Ma Ying-jeou’s mainland policy.  In the evening, there were a lot of different points of view from different parties that came to the same conclusion, these reports had the same bias as the ones from 14 March and 5 June.

They just go on like that for 106 comments and remember, this is only from one website.  Here is a Google translation if you want to skim through the rest of the comments.

Kang Lingyi

According to reports, in 1999, Kang Lingyi participated in hacking the US Embassy and the White House over the accidental bombing of the Chinese Embassy in Belgrade.   He then went on to fame founding several nationalist websites.

An international controversy has broken out over an article he published on one of his websites called, the China International Strategy Net.  In the article, Kang suggests that India can be removed as a competitor by intentionally encouraging separatists to bring about the collapse of the state.  The statements caused such an uproar that the Indian government was forced to issue a statement saying that the relationship between China and India was peaceful.

As of this writing, Kang’s website has a message up saying that the site is currently under maintenance.  It has been up all day so let the wild speculations begin:

1) Beijing took it down as a concession

2) Indian hackers

3) The boring option of site maintenance          

In today’s PCWorld, Owen Fletcher provides a comprehensive summary of events surrounding the recent clash of nationalist hackers in connection with the ethnic riots in Xinjiang.  Owen was kind enough to give the blog a plug and we really appreciate that!

Searches on Friday revealed a dozen Web sites of local Chinese government offices that had been defaced with messages in support of the country’s Uighur ethnic minority group. The Uighurs, a mostly Muslim group native to Xinjiang, have complained of poor protection of their culture and a lack of economic opportunity as China has encouraged migration to Xinjiang by Han Chinese, the country’s large ethnic majority. Uighurs and Han Chinese carrying sticks and shovels hunted each other in packs during the rioting last month, which was triggered by an ethnic brawl in far-away southern China that left two Uighurs dead.

Also, props to Jumper for finding the really interesting reports on retaliations by pro-Uighur hackers.

Chinese hackers have once again attempted to disrupt the Melbourne International Film Festival but went left of target and defaced the Melbourne International Arts Festival website.   Hey, those sites have darn near the same name, could happen to anyone:

Meanwhile, Melbourne International Arts Festival general manager Vivia Hickman said it received reports from patrons that its website had been hacked yesterday evening.

The Chinese flag sits in the middle of the hacked webpage and a message reads: “The manifesto of the hacker: maintains the reunification of the motherland. Guards the national sovereignty”.

Online sales for the Melbourne Film Festival’s showing of the “Ten Conditions of Love” have been halted due to an attack on the website ticketing system by Chinese hackers.  According to AFP:

Chinese hackers crashed the website of Australia’s biggest film festival, organisers said on Saturday, escalating tensions over a visit here by the exiled leader of the Uighur minority.

Online bookings for the Melbourne International Film Festival had to be shut down after the site was bombarded with phony purchases which resulted in the entire program being sold out, said festival spokeswoman Asha Holmes.

The Chinese hacker who defaced the Melbourne Film Festival website signed his message of protest with the sid Oldjun.  To obscure his online identity, he named his personal website…Oldjun.com.  Some people just don’t care about their chosen profession and it shows.

Even the people who have stopped by Oldjun’s blog are dismayed by his total disregard for anonymity.   They point out that his personal info is all over Baidu and his blog site.   It gives away his surname, age, where he went to school and ID number.  They joke telling him to run and hide.

Huanqiu.com tracked Oldjun down using a Whois lookup on the website and got him to confess:

After tracing the domain name Oldjun, The Sunday Age spoke to Zhou Yu, 24, an IT professional from Nanjing, who admitted hacking the site after learning about the controversy from the internet.

Mr Zhou denied acting on behalf of the Chinese Government, stating he acted ‘because I am Chinese. I’m very angry — not only me, but I think all of the Chinese people— about this.’

As an added bonus, our old friend Sunwear shows up in the comments section.  My theory still holds that if Sunwear is present, something bad is happening.