Sep 09 2009

Chinese hackers: We are not mentally handicapped


The article from Alibaba reports that the website was down on Tuesday but as of a few moments ago when I checked, it was back up and running:

The post-90 generation teens that run 2009.90admin. com, wrote on their website, “We are not Internet attackers, we are just a group of computer fans; we are not mentally handicapped kids, we are the real patriotic youth. We’ll target anti-China websites across the nation and send it as a birthday gift to our country.”

The site was the subject of hot debate on the Chinese version of twitter but could not be viewed Tuesday. Efforts to reach the site’s operators were unsuccessful.

The 500-word statement appeared over a red and black background decorated with a flying national flag.

Sep 08 2009

And now the Taiwanese film festival

Taiwanese organizers in Kaohsiung, Taiwan’s second largest city, plan to show the controversial film, “Ten Conditions of Love” next month, sparking outrage in the Chinese hacker community once again. Given that it is Taiwan, it is doubly outrageous.

The film’s showing in Melbourne last month sent Chinese hackers on a mini-rampage, see here, here, here and here.

Now all eyes turn to the Taiwanese film festival:

Anonymous hackers have attacked a Taiwan film festival over plans to screen a documentary on the US-based leader of China’s predominantly Muslim Uighur minority, festival organizers said Tuesday.

A message, posted on a blog run by one of the organizers of the Kaohsiung Film Festival, blamed Rebiya Kadeer for recent bloody unrest in northwest China’s Xinjiang region, which is home to the Turkic-speaking Uighurs.

“I don’t know if you heard about the violence (in Xinjiang) and if you know how many people were left homeless. It is all because of that woman,” said the message, referring to Kadeer.

Dec 23 2008

Chinese hacker defaces Taiwan DPP website

Defaced DPP website

A Chinese hacker (elder brother Ma) has defaced the website of the Taiwanese Democratic Progressive Party with the 5-star flag of mainland China to protest the release of Chen Shuibian by a Taiwanese court.  Chen is on trial for embezzlement.

Aug 27 2008

Taiwan breaks up hacking ring

This AFP/Google News article is very short on detail. Perhaps some of our readers in Taiwan can comment on the local media reporting. From the article:

Police in Taiwan have arrested six people suspected of stealing personal data from state firms, including information about the island’s current and former presidents, officials said Wednesday.

Jul 14 2008

Bruce Schneier: The Truth About Chinese Hackers

Bruce Schneier

Bruce Schneier is a well-known security and cryptography researcher.  He has a popular blog where he posted his recent article detailing “The Truth About Chinese Hackers”, which was written for Discovery Channel.

This article is not particularly insightful and sort of lumps all of the Chinese hackers into a single group of young, male patriotic kids doing it for the babes and limos.

These hacker groups seem not to be working for the Chinese government. They don’t seem to be coordinated by the Chinese military.

The hackers are in this for two reasons: fame and glory, and an attempt to make a living.

This is very short-sighted. We should be honest here: neither Bruce Schneier nor Heike nor I know with absolute certainty what Chinese hackers are doing, who is coordinating them and who might be paying them. Maybe the article shouldn’t be titled “The Truth About Chinese Hackers” because Bruce doesn’t know what the truth is (Heike would have said that he couldn’t handle the truth either, but that’s not my style).

I think a lot of people assume that activity attributed to the PRC is simply based on the IP address.  After studying spear phishing attacks, custom malware attacks and the types of data that have been exfiltrated from various NGO targets it seems likely that some entity is coordinating the collection and exploitation of this information.  In my humble opinion, there may be more to this than WoW passwords.


Jun 21 2008

Vampires, Chinese hackers, Treachery and Smoking Hacker Babe…Let’s face it, this post has it all!

A new Chinese hacker program making the rounds, called Chinese Vampire v2.2.1 (starving anti-virus), is billed as a trojan downloader tool, ARP attack, QQ tail…etc. The screenshot below shows the downloader interface:

From what I have read about the tool, it is very effective. So effective in fact, that another Chinese hacker calling himself Sadness, from the Black Wolf hacker group, stole it. Yes, he did. Look at the trackback URLs associated with this screenshot compared to the one above (circled in red). Notice that our thief has changed it to the Black Wolf website instead of the address.

The true author of Vampire v2.2.1 runs the website pictured below and calls himself SKSgod…sigh. He was really unhappy with the theft of his property and posted a pretty nasty response to Sadness. Yeah, hacker on hacker violence doesn’t concern me in the least.

Now the truly exciting part of this post, there is also a female hacker involved in the marketing of this fine product named Jiajia (佳佳). Hmmm, you say…that name sounds familiar? Well it should! It is the same name as one of the members of the Six Golden Flowers.

Jiajia of the Six Golden Flowers

Is it the same Jiajia? I don’t think it is, but I’m not sure. On her blog, this Jiajia claims that due to the controversy over the stolen program, there are only two legitimate sites to download Vampire v2.2.1: one is her site and the other is SKSgod’s. Yes, there was a picture associated with Jiajia’s website:

Now this girl certainly doesn’t look like Jiajia number one and she appears to be a bit younger. Also, the characters next to the picture said “Sleepless Night.” Hell, this could be the picture off an album cover (and yes, I did try to see if I could find a record called Sleepless Night) for all I know. She may just be the Britney Spears of China. Thought I would include it anyway…sue me.

Feb 20 2008

Taiwan’s Nautica Retailer Pwn3d

The Nautica clothing site in the Republic of China has been compromised by a malicious iframe that redirects to very well-known rogue anti-spyware pushers often associated with the Russian Business Network.  If the site is searched on Google, the index listing indicates that “This site may harm your computer”.

Google index of Nautica TW

So naturally, the first thing I do is check it out.


I was a little bit disappointed that all I found was an iframe redirect to which 302's to, which refused my connection. Initially I thought it was because I was using wget, so I passed a valid-looking IE user-agent string to it and was still refused. Google’s cache only shows the text “sl0n” on the site. Not very effective malware, I guess. Most of these fake anti-spyware programs don’t use packers, debugger detection or any anti-RE techniques. I have about 40 or so different versions of this type of malware.
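The check described above (look for an injected iframe, then walk the 302 chain hop by hop with a browser-like User-Agent so a refused hop shows up as such) can be scripted. The following is an added example, not code from the original post; the sample page and the `.invalid` hostnames in it are constructed placeholders, not the sites the post refers to.

```python
"""Added example: find suspicious <iframe> tags in a fetched page (off-site
source, zero/one-pixel size, hidden by style) and follow a redirect chain one
hop at a time with an explicit User-Agent. The sample page below is
constructed for this example; its hostnames are placeholders."""
from html.parser import HTMLParser
from urllib.parse import urlparse
import urllib.error
import urllib.request


class IframeCollector(HTMLParser):
    """Collect every <iframe> start tag together with its attributes."""

    def __init__(self):
        super().__init__()
        self.iframes = []

    def handle_starttag(self, tag, attrs):
        if tag.lower() == "iframe":
            self.iframes.append({k.lower(): (v or "") for k, v in attrs})


def _is_tiny(value):
    """True for dimensions such as 0, 1, '0px' or '1px' used to hide a frame."""
    digits = "".join(ch for ch in value if ch.isdigit())
    return digits != "" and int(digits) <= 1


def find_suspicious_iframes(html, page_host):
    """Return [(src, [reasons...])] for iframes that point off-site or are hidden."""
    collector = IframeCollector()
    collector.feed(html)
    findings = []
    for attrs in collector.iframes:
        src = attrs.get("src", "")
        src_host = urlparse(src).hostname or ""
        reasons = []
        if src_host and src_host != page_host:
            reasons.append("off-site src " + src_host)
        if _is_tiny(attrs.get("width", "")) or _is_tiny(attrs.get("height", "")):
            reasons.append("zero/one-pixel size")
        style = attrs.get("style", "").replace(" ", "").lower()
        if "display:none" in style or "visibility:hidden" in style:
            reasons.append("hidden by style")
        if reasons:
            findings.append((src, reasons))
    return findings


class NoRedirect(urllib.request.HTTPRedirectHandler):
    """Stop urllib from following redirects so each 3xx hop is surfaced."""

    def redirect_request(self, req, fp, code, msg, headers, newurl):
        return None


def follow_redirect_chain(url, user_agent, max_hops=5, timeout=10):
    """Walk 3xx responses hop by hop; returns [(url, status_or_error), ...].
    Needs network access, so the offline sample below does not exercise it."""
    opener = urllib.request.build_opener(NoRedirect)
    chain = []
    for _ in range(max_hops):
        req = urllib.request.Request(url, headers={"User-Agent": user_agent})
        try:
            with opener.open(req, timeout=timeout) as resp:
                chain.append((url, resp.status))
                return chain  # reached a non-redirect response
        except urllib.error.HTTPError as err:
            chain.append((url, err.code))
            location = err.headers.get("Location")
            if err.code in (301, 302, 303, 307, 308) and location:
                url = location
                continue
            return chain
        except (urllib.error.URLError, OSError) as err:
            chain.append((url, "refused/unreachable: %s" % err))
            return chain
    chain.append((url, "max hops reached"))
    return chain


# Constructed sample page: one ordinary banner frame and one hidden off-site frame.
SAMPLE_PAGE = """<html><body>
<h1>Constructed sample storefront</h1>
<iframe src="http://shop.example-legit.invalid/banner" width="300" height="100"></iframe>
<iframe src="http://redirector.invalid/go.php" width="0" height="0" style="display:none"></iframe>
</body></html>"""


def scan_sample():
    """Run the iframe check over the constructed page; returns the findings list."""
    return find_suspicious_iframes(SAMPLE_PAGE, "shop.example-legit.invalid")


if __name__ == "__main__":
    for src, reasons in scan_sample():
        print(src, "->", ", ".join(reasons))
```

Running the scan over the constructed page reports only the second frame, flagged for its off-site source, zero-pixel size and hidden style. `follow_redirect_chain` is what you would point at that frame's `src` when online; because it never auto-follows, a hop that refuses the connection is recorded against the exact URL that refused, which is the information wget's default behaviour hides.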

