The Dark Visitor

Received an e-mail today from www.blogged.com that has rated us as follows:

We evaluated your blog based on the following criteria: Frequency of Updates, Relevance of Content, Site Design, and Writing Style.

After carefully reviewing each of these criteria, your site was given its 8.0 score.

An 8.0…I mean WTF? I strongly suspect that Jumper has pulled the blog down from my own unbiased rating of around 8.15 prior to his arrival.

An 8.0 is great? Not in my book buddy, that is like low hanging “B” work. We at TDV vow to increase the quality of our postings, we will spare nothing to move up the ladder at blogged.com…unless of course it involves too much effort.

Chinese hacker candy is dandy…

Hat tip: To you know who

Remember Crouching Powerpoint, Hidden Trojan?  Maarten VAn Horenbeeck will be giving a presentation at the SANS Fire conference in DC later this month.

Is Troy Burning? An analysis of targeted cyber attacks.
- Maarten Van Horenbeeck, SANS ISC
- Thursday, July 24, 2008 * 7:00pm

The use of trojans in targeted attacks has been known dating back to at least 2002. However, only since 2005 has their use and methodology become relatively widespread and better understood. Recently some of the more notorious attacks, especially those on governments, have been widely discussed in the media, but little technical information is available.

This presentation is based on private investigations of targeted attacks against various organizations, and provides a detailed view on the methodologies, both from a technical as a social engineering perspective, most popular in these attacks. In addition, it briefly touches on how effective today’s protection mechanisms are and to what degree these attacks can be mitigated and detected.

More details on the conference here.  If anyone is going, please let me or Heike know.

(From Zaobao) Xinhua News, citing statistics from the Chinese Industry and Informationization Department, reported that cell phone use in China increased to the point that one out of every two people owns a set and that traditional landline use continues its steady decline.

End of May (2008) statistics showed that out of China’s 1.3 billion population, 592 million households now had a cell phone.  This was a 9% increase from numbers at the close of  2007, which showed 547 million users.

The report stated that the telecommunications industry had continued to slash prices in order to increase cell phone use.

Furthermore, traditional landline household use had dropped by 6.5 million to 358 million users.

Another Chinese hacker makes the Stupid/Evil category…mainly just stupid

One cell phone for every two people in China…WOW! Use grows by 9%, old school landline users sinking like a stone

Off to see Wall-E with the little one, back later tonight

Hat-Tip: GaoYuLong

At times, I get so busy going through Chinese hacker websites that I forget there are other methods of collecting information that should not be ignored. Fortunately, reader GaoYuLong reminds me that HUMINT has not passed the way of the dinosaur and we need to keep track of the methodology used by China. GaoYuLong points to two articles from the Epoch Times that clearly illustrates these techniques:

Chinese Regime Looks to Student-Spies to Push Agenda in Canada

It was a sobering moment. Countless Falun Gong adherents in mainland China had received similar threats, and hundreds—if not thousands—went on to face torture and brainwashing after being turned in by fellow students and teachers.

But Lingdi Zhang does not live in China. The then-computer science student was studying at the University of Ottawa.

FBI Chinese Advertisement Targets CCP’s State Security
An advertisement by the Federal Bureau of Investigation (FBI) aimed at Chinese-speaking residents of San Francisco’s Bay Area, ran from July 2 through July 8 in three local Chinese-language newspapers, seeking information about Chinese espionage to the United States.

This is a very good summary of Chinese hacker attacks on India, to include speculation on mapping of their information infrastructure:

China’s intensified cyber warfare against India is becoming a serious threat to national security. The desire to possess ‘electronic dominance’ over India has compelled Chinese hackers to attack many crucial Indian websites and over the past one and a half years, they have mounted almost daily attacks on Indian computer networks - both government and private.

In October 2007, for example, Chinese hackers defaced over 143 Indian websites. Phishing is a term derived from fishing, and is a fraudulent activity on the Internet to acquire personal information. In phishing, the hackers use spoofed e-mails to lure innocent Internet users and get their personal information like bank account number, credit card details, and password and so on.

Read more here…

The People’s Daily reports that four employees of a Shanghai based Internet security company have admitted to attempts to extort money from online games firms. They apparently launched denial of service attacks on the game sites and then requested money and fees for their company’s firewall product. Don’t worry though, he promised not to do it again:

All the accused admitted the offense, and sentence will be passed within
a month.

“I was attracted by the quick money and got carried away. I applied my
talents in the wrong way,” Li told Beijing Morning Post.

In the future, he will apply his skills only to legal things, he said.

You can find a non-.cn version of the article here.

Not Chinese hacker related but this article from the Sydney Morning Herald has such a curious cultural aspect to it that I wanted to pass it along. Some bloggers on the internet are seeing a relationship between the five Chinese Olympic mascots and recent misfortunes, to include the earthquake in Sichuan.

Jingjing, a panda, is the animal most closely associated with Sichuan province where the earthquake struck.

Huanhuan, a cartoon character with flame-red hair, is being linked by bloggers to the Olympic torch that has been dogged by anti-China protests on its round-the-world tour.

Yingying, an antelope, is an animal confined to the borders of Tibet, which has been the scene of riots and the cause of international protests against China, the bloggers say.

Nini, represented by a kite, is being viewed as a reference to the “kite city” of Weifang, in Shandong, where there was a deadly train crash last month.

That leaves only Beibei, represented by a sturgeon fish, which online doomsayers suggest could indicate a looming disaster in the Yangtze River, the only place where sturgeon is found.

Here is the full article from the Sydney Morning Herald…

On the afternoon of May 31st, the Nanning Public Security Bureau Cyber Police received a report from the Guangxi Earthquake Bureau that a hacker had invaded and altered their website.

The FAKE message left by the hacker read:

“The violent earthquake that struck Wenchuan, Sichuan…we grieve for our fellow citizens who perished in the great Wenchuan, Sichuan, earthquake. In the near future, a major earthquake registering 9+ will hit the Guangxi area. Request that city residents make preparations as soon as possible.”

(Emphasis added)

Guangxi Earthquake Website

Cooperation between the cyber police from six provinces, spanning a three-day period, finally located the hacker responsible for the fraudulent message in Jiangsu.

Cyber Police Investigation

On 4 June, police arrested a further unidentified suspect named Chen who made a full confession.

Congratulations to Chinese hacker Chen, I had to add a new category to cover this event. Posted under Evil and/or Stupid…qualified as Evil and Stupid.