Members
  • Total Members: 12818
  • Latest: martin
Stats
  • Total Posts: 28536
  • Total Topics: 8240
  • Online Today: 1005
  • Online Ever: 51419
  • (01. January 2010., 10:27:49)












Author Topic: Blaster worm hacking group hired by Chinese firm Topsec (XFocus, Lin Yon Lion)  (Read 2349 times)

0 Members and 1 Guest are viewing this topic.

Samker

  • SCF Administrator
  • *****
  • Posts: 7206
  • KARMA: 291
  • Gender: Male
  • Whatever doesn't kill us makes us stronger.
    • SCforum.info - Samker's Computer Forum


Chinese security firms with ties to the Chinese military have hired hackers, including the group responsible for the original Blaster worm, U.S. diplomats alleged in a 2009 cable published Saturday by WikiLeaks.

The companies also have access to the source code to Microsoft Windows.

According to the U.S. State Department's daily security briefing of June 29, 2009: http://213.251.145.96/cable/2009/06/09STATE67105.html , Topsec of Beijing had employed "a known Chinese hacker" from June 2002 to March 2003. Identified as Lin Yong, aka "Lion," the hacker served as a senior security service engineer to "manage security service and training."

Topsec, China's largest security vendor, provides training and support service for the People's Liberation Army (PLA), and was partially funded by the Chinese government, the cable continued, citing an interview in state-run media with the firm's founder and chairman, He Weidong.

The cable originated with the Secretary of State's office, was labeled "Secret" and was not to be shown to any foreign nationals.

Another company, Venustech, also of Beijing, used the services of a hacking group called XFocus, which was reportedly responsible for crafting the original Blaster worm in mid-2003, the security briefing said.

XFocus posted proof-of-concept code in July 2003 just weeks after a vulnerability in Microsoft's Windows operating system was revealed. That code, later modified, became the basis for Blaster, a worm that spread rapidly among Windows 2000 and Windows XP machines.

Court documents from the trial of U.S. teenager Jeffrey Lee Parson, who was arrested and charged with creating a Blaster variant, also named XFocus as the group that reverse-engineered a Windows patch to build the initial worm.

In 2004, Parson pleaded guilty and was sentenced to 18 months in prison.

The ties between government-backed companies and hackers is part of China's "nationally-funded 'network attack scientific research projects,'" the cable explained.

Both Topsec and Venustech also have ties to Microsoft.

The firms are among several in China that signed agreements with the U.S. developer in 2003 that gave them access to Windows' source code: http://www.microsoft.com/presspass/press/2003/sep03/09-26GSPCHPR.mspx
The Chinese government also has access to the source code.

The State Department noted that it was no surprise that Topsec and Venustech had hired hackers.

"While links between top Chinese companies and the PRC [People's Republic of China] are not uncommon, it illustrates the PRC's use of its 'private sector' in support of governmental information warfare objectives," the cable stated. "As evidenced with Topsec, there is a strong possibility the PRC is harvesting the talents of its private sector in order to bolster offensive and defensive computer network operations capabilities."

America researchers and security analysts have long suspected that China's military has extensive cyberwarfare capabilities. In 2007, a Department of Defense report claimed that the PLA had first-strike know-how , and had created military units charged with developing viruses to attack enemy computer networks.

Topsec and Venustech did not immediately reply to a request for comment.

WikiLeaks, which struggled last week to remain online , has published over 900 of the 250,000 confidential State Department messages that it released to several news organizations more than a week ago.

(IT)

Samker's Computer Forum - SCforum.info





 

With Quick-Reply you can write a post when viewing a topic without loading a new page. You can still use bulletin board code and smileys as you would in a normal post.

Name: Email:
Verification:
Type the letters shown in the picture
Listen to the letters / Request another image
Type the letters shown in the picture:
Second Anti-Bot trap, type or simply copy-paste below (only the red letters):www.scforum.info:

Enter your email address to receive daily email with 'SCforum.info - Samker's Computer Forum' newest content:

Terms of Use | Privacy Policy | Advertising