Wednesday, September 05, 2007

chinese hack into the pentagon, and other tales of mails to avoid

sep 4th, 2007

from good morning silicon valley:

So that's where China's toy safety budget went: The pet food may be poison, the tires may fall apart and the toys may do terrible things to tots, but when it comes to hacking, malware and spam, China takes a back seat to no one.

According to the Financial Times, the Chinese military hacked into a Pentagon network in June in the most successful cyber attack yet on the U.S. military. Success, of course, is relative, and while the attack most likely didn't compromise any classified information, it did force U.S. officials to shut down part of a network serving the office of Defense Secretary Robert Gates for more than a week, sources told the FT. The sources also said the incursion had the fingerprints of the People's Liberation Army all over it -- a "very high level of confidence ... trending towards total certainty," in the words of one. This breach apparently goes beyond the standard probing and counterprobing that intelligence agencies on both sides practice. "The PLA has demonstrated the ability to conduct attacks that disable our system ... and the ability in a conflict situation to re-enter and disrupt on a very large scale," a source told the FT. China, naturally, is shocked, shocked, at such reports. "We have explicit laws and regulations in this regard," said Jiang Yu, a foreign ministry official. "Hacking is a global issue and China is frequently a victim."

But network nastiness is hardly limited to China's government professionals. A report released Monday by antivirus company Sophos says 44.8 percent of the world's malware-infected Web sites are hosted in China. Trailing behind are the U.S. at 20.8 percent, Russia at 11.3 percent, Ukraine with 7.7 percent, and jumping three spots up the charts since last month, Poland with 2.4 percent of the world's infected servers. Sophos also reports that the evildoers are relying less on sneaking their poisoned packages through e-mail filters and more on sending spam that directs recipients to infection-laden Web sites. And that would account for the findings of a Symantec report from mid-August noting that in July, the number of spam domains under China's top-level .cn domain rose from almost zero to 450. Gotta make up for those lost exports somewhere.


==========================

and if you get mails of the following kind, *do not* click on the URLs. there are 'bundled' malware items on these URLs that will silently install things like keystroke loggers, bot-makers, rootkits etc. on your system. i have changed the URLs slightly so that even if you click on these here, you *might* be ok, but NO GUARANTEES. clicker beware!

body of mail:

Man you have got to tell me where you picked her up. I saw this on the web, it has to be you. check it out yourself http://www.youtube.com/watch?v=TNrL1IQhZ

or this one:

If your mom sees this she this video of you she is gonna freak. here is where I found it... http://www.youtube.com/watch?v=SbgfAN8He
