June 19th, 2008
China detains web site defacer spreading earthquake rumors
The Xinhua news agency is reporting that the web site defacer which I mentioned in a previous post regarding the use of
web site defacements as tools for psychological operations, has been located and detained in less than a week after he defaced the Seismic Emergency and Public Center of the Guangxi province where he left a fake message on an upcoming earthquake that’s going to hit China.
Tracking him down and releasing detention clips to the Chinese media is one of these emblematic cyber crime cases the Chinese Cyber Police would do anything to solve. Would they also be allocating the same resources to another incident if it wasn’t the momentum and the boldness of this hacker to do what he did in times when China’s shaken by earthquakes?
Xinhua has more details :
“Chen, 19, worked in a technology company after graduating from junior middle school. He said he hacked the site to show off his computer skills and have “fun,” according to the police.
The administration website was found to have been hacked on May 31. A notice mourning the victims of the 8.0-magnitude quake had been revised to read: “Please prepare for an earthquake with a magnitude of more than 9.0 in Guangxi,” Tang said
The news scroll, meanwhile, had been replaced with a single phrase: “Experts warn of earthquake in Guangxi in the near future,” he said. “
There are three types of web site defacers, the average ones basically greeting their team members without deleting anything, the commercial ones, that would monetize their defacement by selling the access to the web server to spammers and malware authors, and the stupid ones, who would deface the Seismic Emergency and Public CenterĀ of the Guangxi province in times when China’s shaken by earthquakes and leave a note on yet another one coming.
What is this case demonstrating us anyway? That when there’s a will, there’s always a way. Most importantly, that when you cannot stop being the number one hosting provider of malware, and malware command and control interfaces in the world, you pick up a single bee out of the beehive and slap it with a newspaper in front of everyone.
Dancho Danchev is an independent security consultant and cyber threats analyst, with extensive experience in open source intelligence gathering, malware and cybercrime incident response. He's been an active security blogger since 2007, and maintains a popular security blog. See his full profile and disclosure of his industry affiliations.
Subscribe to Zero Day via Email alerts or RSS.
