SecureWorks brings us a question and answer secession conducted with Chinese hackers at a conference sponsored by Yesky in Beijing. The title of the conference was “Chinese Hackers Talk Hacking.”
In interviews given at the conference and online, we get some insight into the Chinese hacking subculture and how it is growing at such a rapid pace. Translated below are some interesting responses that seemed to reflect the attitude of the populace:
Q: Under what circumstances will you perform a hack?
A: If it is a matter that affects us internationally, then we will gather members to perform the attack. Most of the time, we attack through the web site.
ChinaByte just released an article on commonly used “Security Software” that is domestically produced:
1) 溯雪 (Snow Trace) – Password decoder
2) 乱刀 (Chaotic Knife) – Password analyzer for UNIX
3) 天网 (Sky Net) – Firewall approved by Ministry of Public Security
4) 冰河 (Glacier) – Trojan developed by Huang Xin
5) 小分析家 (Little Analyst) – Monitoring software sniffer similar to NetXray
6) 快速搜索 (Fast Search) – Port scanner with multiple thread search
Top of the news lately has been the ongoing Israel-Hamas conflict and this hasn’t been lost on Chinese hackers. RSA is reporting that the fake CNN website is luring people with graphic images of the conflict. RSA claims that they have shutdown the attack and that the website was hosted in China.
Yes, I know hosted in China does not mean Chinese hackers…fine.
RSA mentions that the “gang” is known but checking the links did not indicate if they were Chinese or from another source. Left them a comment on the site requesting more info…so, I leave you with this until informed otherwise.
New stats out on the Chinese online gaming industry poised to reach 2.67 billion dollars by 2010.
We know that Chinese hackers specialize in writing trojans for the purpose of stealing virtual property from games abroad…how about now? With the massive market starting to take off…trouble, trouble, trouble.
I’ve come across several incidents of blackmail against Chinese online game companies, it will only get worse.
2009 prediction #1
Not to mention, China’s E-commerce rose over 20% in 2008.
Oh, the title…”that’s where the money is.” New theme around here.
The following post has gone viral in the Chinese hacker community, as well as other social network sites in China. It is a call for the Red Hacker Alliance to assist the Pakistan online community in fighting off Indian hackers who have broken into large social network sites such as Orkut.
A Pakistani wrote the original e-mail requesting assistance from his Chinese friend, claiming that his group, which has 42,000 members, was under constant assault from Indian hackers. His Chinese friend then reposted their correspondence with a list of reasons why Chinese hackers should come to their aid. The posting hit a cord with the Chinese and it has gone viral.
This looks very similar to the warning signs we saw during the run up to the CNN attack. However, we have not found specific targets or groups organizing/planning attacks.
(The following post is very long but should give you an idea why the letter has appealed to the Chinese sense of nationalism and calls for assistance.)
Our Pakistani brothers hope that the Chinese Red Hacker Alliance will reach out their hand in mutual assistance
I am a normal Chinese citizen and due to a lucky coincidence, have become acquainted with several Pakistani friends. After knowing them for a short period of time, I have come to the profound understanding that even though the Chinese and Pakistani people have different religions, there is an ingrained friendship.
Continue Reading »
Xin Net, the world’s largest registrar of Chinese domain names, suffered an 8-hour attack yesterday that lasted from 4:00pm until 12:00am.
During that time period, 30% of the names registered through Xin Net could not be accessed normally.
The company put out an official reply expressing regret to all of its customers in a three-part memo (my shorthand):
1) Rotten hackers
2) Working furiously to restore
3) No refunds, we are a victim too!
We have posted about Chinese hackers and the World Bank before. This was just a “shot” at the China World bank website. Sorry, couldn’t resist.
As of writing, the webpage is still not repaired.
Chinese hackers? Don’t know for sure but the screenshot was found on a Chinese hacker webpage.
On 24 December 08, Chinese hackers once again defaced the Yasukuni Shrine website. Here is a little background from The Dark Visitor:
(Cyber Conflict of 2001)
August of 2001 would again see attacks on Japanese web sites in response to former Prime Minister Junichiro Koizumi’s visit to the controversial Yasukuni war memorial. Chinese hackers struck first on 13 August, attacking the server for the Japan Meteorological Agency. Following that, a large number of Japanese government web sites were attacked, such as “the Chemicals Evaluation and Research Institute, the the Defense Systems Research Committee, the Central Convention Service, Inc., the Fire and Disaster Management Agency, the Defense Facilities Administration Agency, the Communications Research Laboratory, and web sites for members of Parliament. The Honker Union of China issued the following statement:
Continue Reading »
This year, just as every year, Chinese hackers have been sending out Christmas cards to all their friends. Remember, you’ll probably be getting one for New Year’s too:
Nguyen Minh Duc, the manager of Bach Khoa’s application security group, said that XmasStorm originated in China. Hackers have registered at least 75 domain names relating to the malware campaign’s holiday theme in the last month, including “superchristmasday.com” and “funnychristmasguide.com.” According to WHOIS searches, those domains were registered to a Chinese address on Dec. 1 and Dec. 19, respectively.
Internal hacking looks like it is having an impact on Chinese business/e-commerce and the government is considering legislation to both clarify the law and increase criminal penalties.
The article makes it very clear that China will retain jurisdiction over all of these cases and no citizen will be sent to a foreign country for trial.
BEIJING, Dec. 22 (Xinhua) — Computer hackers could meet tough penalties under a draft amendment of the criminal law being debated by China’s top legislature.
The draft amendment under review by the Standing Committee of the National People’s Congress (NPC) would impose steep fines and prison sentences of three-to-seven years, depending on the severity of the offense.
The existing criminal law only imposes penalties on hackers who break into government, military and scientific research institutes’ computer systems.