Loyal readers of TDV may remember Heike’s post about Peng Yinan, aka Coolswallow of Javaphile. According to this NY Times article, the school that Yinan has occasionally taught at was discovered to have been involved in the Google compromise revealed last month. At this point, it is only the IP addresses that seem to link the school to the compromise, but it is an interesting coincidence that one of the most prolific Chinese hackers has a close connection to the school.
There are many possibilities for SJTU’s IP addresses being involved in the incident. Any assessments made about SJTU’s involvement at this point would be just a guess.
Why do criminals always return to the scene of the crime?
When we last caught up with our old friend Coolswallow/Ericool/Peng Yinan, he was giving a presentation titled, “Hacker in a Nutshell,” at the Chen Ruiqiu building, located on the Jiaotong University campus.
Mr. Peng was not very happy with our coverage of his activities…see here. My response here.
Once again, he has been invited back to Jiaotong University to pass along his experience to job-seeking students studying information security engineering…of course it took place at the Chen Ruiqiu building.
Peng Yinan offering help to future information security specialists
As an alumnus of the university, he was there to assist these young students in gaining employment in the information security industry:
Students in need…how will this help?
Not sure but…could this be considered a FAIL?
Yeah, I just wanted to give failblog.org a plug…love this website!
This hunt for Coolswallow of Javaphile begins, right here at our website…
On the 1st and 2nd of this month, the site started receiving a lot of traffic from the Shanghai Jiaotong University bulletin board. A poster going by the online name ericool linked to an article (UPDATE: ericool has removed the link) previously posted here about Javaphile. Ericool said that the information I got about Javaphile was taken from his old website (he is absolutely correct) and since all that info came from Coolswallow’s blog…that means that Ericool is in fact…Coolswallow. A much earlier posting by Ericool in 2002 leaves little room for doubt (note the moniker circled in red at the bottom of the post):
The reason I have been following Coolswallow is that he was fairly active during the US and Chinese cyber conflict that occurred over the collision between a US EP-3 reconnaissance aircraft and a Chinese fighter. One of the characteristics that makes Coolswallow stand out from the normal Chinese hacker is his scholarly work on Buddhism. It is a theme that has repeated itself throughout his writings and will be the primary cause for some speculation later in this search.
Started running some searches on ericool and found him linked to the Beasts of Burden Society, which is composed of graduate students from Jiaotong University. The society has been putting on a wide variety of academic seminars on various topics for the last two years.
(Image Removed upon request)
For their 2nd anniversary, the lecture was titled “Hacker in a nutshell” and was given by Peng Yinan (彭一楠). According to the press release, Peng Yinan is a security information consultant for the Shanghai Public Security Bureau and a senior hacker. Furthermore, he uses Vajracchedika-Sutra Buddhism to explain the characteristics of hackers. Hmm, suspicious… Here is one of the fliers for the lecture that took place at the Chen Ruiqiu building on the 31st of October, 2007: