The screen capture above had to be taken from a Google cache because Demon Group’s website (www.ddosx.cn) seems to have vanished from the interwebs. I have some theories on why it disappeared, which I will share later.

First noticed the group when I found one of their advertisements on Baidu Postings (Large Chinese BBS):

The group claims to provide various types of DDoS attack services on internet cafes, websites, private servers, servers…etc. They sell attack software packages and rent out specialized tools to gather up infected computers (Guaranteed to gather up no fewer than 600-900 in a single day). The contact number provided is QQ:81991.

Demon Group Spams

Demon group, you spam your services…you spam them a lot! You spam them too much! Now you have ticked off a guy named Good Good, he would like to see you go to jail, he has reported you to the INTERNET POLICE!

Internet Police Officer Cha Cha has responded to the complaint and says she will be paying close attention -cough- :

Demon Group Spams and Lacks Common Sense

In another ill-fated attempt to promote their website, they appear to have decided to get a viral story started that someone had predicted the Sichuan earthquake two months earlier. Of course, they linked the story back to a webpage on their own site and continued to repeat the story for over 300 posts.

These postings were of course interspersed with predictable DEATH THREATS and WARNINGS if they didn’t stop!

Die, once again you are deceiving people, how is it you weren’t buried under a collapsed building in Wenchuan!!!!

Careful in this time of crisis, it is against the law to fabricate a rumor.

Yeah, by this point in the story, my theory on why their website has now disappeared from the face of the Earth is pretty much unnecessary.

Yeah, sorry about the title…

This story comes via the news.china.com and is an inteview with a Chinese hacker named Hu.  The good news is that it is one of the most candid interviews I have ever read. The bad news is that it is very long and has a lot of technical language that I constantly struggle with.  So, it will be at least a three-part post (if not more) and will be heavily edited in some places. I also may call on one or two of you to lend a hand in coming up with the exact technical jargon. Our hacker Hu gives a very detailed look inside the economy of the underground world of Chinese hackers.

The article begins with a story about a Miss Liu, who returns home, turns on her computer and as she is skimming through webpages, a Word document suddenly opens.  At the top of the document, it begins to automatically write, “I have seen your picture, you are certainly very pretty!”

Due to her job at a large website portal, she immediately realizes this as a Trojan sequence and shuts off the power to the computer. (Miss Liu) “I didn’t expect that my computer could be hit by the Gray Pigeon (Trojan) and turned into a meat chicken (肉鸡). If I hadn’t turned off the computer, the hacker would still be controlling my computer and would also be able to send out data packets giving away all my computers secrets.

The term Rouji (肉鸡), Meat Chicken, I believe is slang for a compromised/infected computer. (a little help!)

It is reported that Gray Pigeon is one of the most virulent viruses in the last several years. The 2007 China Computer Virus Epidemic Network Security Report classified it as the 3rd largest virus.  After infection, the computer can be completely controlled through long-distance attack. The hacker can easily copy, delete or download documents on the computer. Through long-distance attack (the hacker) can also record every keystroke, the users QQ number and online game user information. Furthermore, after infection, the computer that the hacker has invaded is called meat chicken.

In fact, in China, there are several million users just like Miss Liu who are unaware that they are contributing to the strength of this network underground industrial chain.  According to statistics from the Kingsoft Global Anti-Virus Monitoring Center, in 2007, the nation (China) had over 50 million infected computers; an 18.15 percent increase over the same time last year with 90.56 percent of internet users suffering a virus attack. Among those, over 5 million of the infected computers were in Guangdong.

End Part I…tomorrow we will actually get into the interview with hacker Hu.

Horton hears a (Chinese hacker) Hu…Part II
Horton hears a (Chinese hacker) Hu…Part III
Horton hears a (Chinese hacker) Hu…Part IV

Hackers broke into the pages of the departments of Labor and Industry, Education, and Military and Veterans Affairs, as well as the Pennsylvania Lottery, said Mia DeVane said, a spokeswoman for the Office of Administration.

Political or monetary motivation?  Or, just a wonderful combination? Penssylvania’s government is going off the air, read their parting words.

Jeff Atwood, at Coding Horror, has an excellent post on CAPTCHA tech and how it is implemented. He includes a section on a Chinese hacker who has posted a price list based on the probability of breaking different encoding. Well worth the read here.