The Dark Visitor

During the Olympics Games, a secret organization was formed by a Chinese hacker named Wang Zi to protect Olympic websites against foreign hackers and while they won’t say, reprisals were probably taken against offenders.

This article, from the People’s Daily, details Wang Zi’s efforts to bring back the patriotic spirit of the Red Hacker Alliance.

“The Tao that can be described in words is not the true Tao. The Name that can be named is not the true Name,” – the first two sentences of Tao Te Ching are the slogan of hong ke that appear on the new union’s new homepage.

After the Olympics, Wang Zi’s group retired from the web for a short time, and then on the first day of this year, the group made a bold new announcement.

The blurb on their newly-launched website reads, “Hong ke culture is back. We will hold and transmit hong ke spirit focusing on justice, pioneering and love for the motherland.”

Lin Lin, the leader of Evil Octal (another Chinese hacker organization), refutes Wang Zi’s claim to the title of new leader:

“Lion is the spiritual leader of the hong ke union,” Lin Lin, a leader of hacker group Eviloctal Security Team, told the Global Times. “And without him, no hong ke organization can be regarded as a reorganization of the original.

The article goes to great lengths to distance the organization from being government sanctioned:

Wang Zi says his union is a purely non-governmental organization. They could not register the union’s name with the Ministry of Industry and Information Technology until they deleted “Zhongguo” (China) from it.

Best hobby in the world.

It was absolutely my privilege to  spend a few days talking with Mara Hvistendahl on the subject of Chinese hackers.  She is such a fantastic lady and I couldn’t have enjoyed our time more.

While linking to our interview may seem a bit of shameless self-promotion, I mainly wanted it on record that Mara called me, “a trim 46-year-old.”  I pushed for other words like swashbuckling, ruggedly handsome and athletic until Mara started mentioning other adjectives such as weird, strange and goofy.

…TRIM!

Hackers: the China Syndrome by Mara Hvistendahl

Reports have emerged that the Russian Navy sank a Chinese cargo vessel impounded at the port of Nakhodka for alleged smuggling. After the Chinese ship, named New Star, left port without permission, a Russian Navy cruiser chased the ship and fired 500 rounds into the vessel causing it to sink.

Sixteen sailors from the ship boarded two lifeboats but only one was successfully rescued by the Russian Navy.  The other eight men, three Chinese and five Indonesians, aboard the remaining lifeboat were lost at sea.

(If you read the mix of these two reports, the numbers differ.  Other reports say it was the Russian Coast Guard and not the Russian Navy that sank the ship.)

Chinese hackers have protested the sinking of the vessel by defacing the website of the Russian Consulate in Shanghai.  At this time, the consulate’s website is still down:

The sign reads, “It is Everyone’s Responsibility to Boycott Evil Valentine’s Day.”  The boys from rednet.cn think that the people should resist this foreign holiday and concentrate on their own national holidays.

In their forum on rednet.cn, the topic of boycotting Valentine’s Day sparks much interest and support…not so much in the real world.  Only two or three people show up at the rally.

Dude, guys in the US have been trying for decades to get rid of this “evil” holiday with no luck.  If your campaign works, let us know.

In September, we brought you the story of Chinese hackers protesting the Sanlu Corp. for their practice of adding melamine to milk products in order to make them appear higher in protein.  Melamine is not intended for human consumption and caused children in China to develop kidney stones.  Many children died or suffered horribly.

Following the incident, the website jieshibaobao.com (children that developed kidney stones) was established to allow parents of victims to communicate with one another and post pictures of their children and the ordeal they endured.  The website posts images of the children’s suffering and has become an advocate group for compensation.

A group of patriotic Chinese hackers have joined together to attack the  website and force it down.  They claim the website is illegal, posting photoshopped pictures and fabricating the condition of the patients.  This casts a bad light on China’s period of prosperity and therefore, jieshibaobao.com has become the target of resentful patriotic youth.

The website was under daily attack and unable to function.  Jieshibabao was forced to move their website to an overseas server in hopes of avoiding the attacks.  However, the large coalition of patriotic hackers continued the attack and shut it down again.

Chinese netizens were not uniform in their support of this action.  Many were solidly against it.

SecureWorks brings us a question and answer secession conducted with Chinese hackers at a conference sponsored by Yesky in Beijing.  The title of the conference was “Chinese Hackers Talk Hacking.”

In interviews given at the conference and online, we get some insight into the Chinese hacking subculture and how it is growing at such a rapid pace. Translated below are some interesting responses that seemed to reflect the attitude of the populace:

Q: Under what circumstances will you perform a hack?

A: If it is a matter that affects us internationally, then we will gather members to perform the attack. Most of the time, we attack through the web site.

Cont…

Posted a couple of days ago about an e-mail asking Chinese hackers to help Pakistan in their cyber conflict with India.  The letter specifically  mentioned Orkut as key terrain in the battlespace.  (Sorry, feeling all military this morning.)

The battle for…well something…is still ongoing:

…the community site of the former President of India, Dr. APJ Kalam, in Orkut World, was targeted on Thursday, reportedly by Pakistani hackers.

As per the media reports, the hackers have renamed the community, originally named Dr. APJ Abdul Kalam, as Indian and have given an Islamic color to it.

The following post has gone viral in the Chinese hacker community, as well as other social network sites in China.  It is a call for the Red Hacker Alliance to assist the Pakistan online community in fighting off Indian hackers who have broken into large social network sites such as Orkut.

A Pakistani wrote the original e-mail requesting assistance from his Chinese friend, claiming that his group, which has 42,000 members, was under constant assault from Indian hackers.  His Chinese friend then reposted their correspondence with a list of reasons why Chinese hackers should come to their aid.  The posting hit a cord with the Chinese and it has gone viral.

This looks very similar to the warning signs we saw during the run up to the CNN attack.  However, we have not found specific targets or groups organizing/planning attacks.

(The following post is very long but should give you an idea why the letter has appealed to the Chinese sense of nationalism and calls for assistance.)

Our Pakistani brothers hope that the Chinese Red Hacker Alliance will reach out their hand in mutual assistance

I am a normal Chinese citizen and due to a lucky coincidence, have become acquainted with several Pakistani friends. After knowing them for a short period of time, I have come to the profound understanding that even though the Chinese and Pakistani people have different religions, there is an ingrained friendship.

Continue Reading »

On 24 December 08, Chinese hackers once again defaced the Yasukuni Shrine website.  Here is a little background from The Dark Visitor:

(Cyber Conflict of 2001)

August of 2001 would again see attacks on Japanese web sites in response to former Prime Minister Junichiro Koizumi’s visit to the controversial Yasukuni war memorial.  Chinese hackers struck first on 13 August, attacking the server for the Japan Meteorological Agency.   Following that, a large number of Japanese government web sites were attacked, such as “the Chemicals Evaluation and Research Institute, the the Defense Systems Research Committee, the Central Convention Service, Inc., the Fire and Disaster Management Agency, the Defense Facilities Administration Agency, the Communications Research Laboratory, and web sites for members of Parliament. The Honker Union of China issued the following statement:
Continue Reading »

Defaced DPP website

A Chinese hacker (elder brother Ma) has defaced the website of the Taiwanese Democratic Progressive Party with the 5-star flag of mainland China to protest the release of Chen Shuibian by a Taiwanese court.  Chen is on trial for embezzlement.