06/22/13

China Hackers found in Tor

gAtO bEeN crawling - Tor and found China — China, Fujian IP found in Tor but is it really the Chinese or someone else? As I work on the Tor-Directory-Project to map out every URL in Tor, I came to these sites:

http://yaiaqf3te6khr3nd.onion/ – This site has 3 different sites in one – 3 index front pages-DOORS - fUnNy nO?

http://lw7b7t7n7koyi6tb.onion

Now what’s so weird about these 2 sites: 4 IP addresses on the site for proxies and Tor in CHINA. This ain’t right, China does its best to block Tor and keep its citizens away from Tor so why would a website in Tor place these explicit IP addresses and tell you to use them? In Tor you try to hide, not give out IPs that can be traced, so why is this different???

So I back traced these 4 sites: 3 in China, 1 is Seoul, Korea. Then you google “Fujian Province hacking”

Yeah there are a lot of things happening in that part of China but is it really the Chinese or others. Russians maybe??

These 2 sites are linked to “Anonet”. The funny (ha ha) thing is this one person that keeps popping up – (Anonymous Coward) on both these sites – and he/she leads back to China too mAyBe -Si-nO. The Chinese use the Anonymous Coward to mock Anonymous which are very dangerous in China but this does not look good folks.

We talk about China hacking us and when people like myself find these sites and try to report them – no way – I’m just a nobody that has one of the largest Tor search engines around. Just from these 2 sites I have 56 URLs – Maybe one of these cyber professionals should check these 2 sites out – I have a subscription service for Tor Search engine, any governments or law enforcement out there that need this — talk to gAtO—

They may find one source of China Hacking the US and other places – gAtO oUt

http://1.1.7.10/ – ISP: Chinanet Fujian Province Network

http://1.1.7.7/ – ISP: Chinanet Fujian Province Network

http://1.234.56.4/ – ISP: SK Broadband Co Ltd – Region: Seoul (KR)

http://1.56.75.16/ – ISP: China Unicom Heilongjiang Province Network – Region: Harbin (CN)

05/24/12

China Cyber-Warfare Capabilities

Cyber Espionage and Cyberwarfare Capabilities.

In 2011, computer networks and systems around the world continued to be targets of intrusions and data theft, many of which originated within China. Although some of the targeted systems were U.S. government-owned, others were commercial networks owned by private companies whose stolen data represents valuable intellectual property. In the hands of overseas competitors, this information could diminish commercial and technological advantages earned through years of hard work and investment. Intrusions in 2011 occurred in key sectors, including companies that directly support U.S. defense programs.

Authoritative writings and China’s persistent cyber intrusions indicate the likelihood that Beijing is using cyber network operations (CNOs) as a tool to collect strategic intelligence. In parallel with its military preparations, China has increased diplomatic engagement and advocacy in multilateral and international forums where cyber issues are discussed and debated. Beijing’s agenda is frequently in line with Russia’s efforts to promote cyber norms under a UN framework. In September 2011, China and Russia were the primary sponsors of an Information Security Code of Conduct that would have governments exercise sovereign authority over the flow of information in cyberspace. China has not yet accepted that existing mechanisms (such as the Law of Armed Conflict), apply in cyberspace. However, China’s thinking in this area may evolve as its own exposure increases through greater investment in global networks.

Technology Transfer, Strategic Trade Policy, and Military Modernization. 

The PRC continues to modernize its military by incorporating Western (mostly U.S.) dual-use technologies, which have also assisted its overall indigenous industrial, military industrial, and high-technology sector development. One of the PRC’s stated national security objectives is to leverage legally and illegally acquired dual-use and military-related technologies to its advantage. China has a long history of cooperation between its civilian and military sectors and openly espouses the need to exploit civilian technologies for use in its military modernization. In this context, the cumulative effect of U.S. dual-use technology transfers to China could also make a substantial material contribution to its military capabilities. For example, interactions with Western aviation manufacturing firms may also inadvertently provide benefit to China’s defense aviation industry. Through its advisory role within the U.S. export control process, DoD will continue to identify and mitigate risk, and seek to prevent critical advanced technologies exports to China that could be diverted to unauthorized end-use or to third-country end-users of concern, or contribute to overall modernization of China’s military and defense industrial base.

Espionage:

Chinese actors are the world’s most active and persistent perpetrators of economic espionage. Chinese attempts to collect U.S. technological and economic information will continue at a high level and will represent a growing and persistent threat to U.S. economic security. The nature of the cyber threat will evolve with continuing technological advances in the global information environment.

Sensitive U.S. economic information and technology are targeted by intelligence services, private sector companies, academic/research institutions, and citizens of dozens of countries. China is likely to remain an aggressive and capable collector of sensitive U.S. economic information and technologies, particularly in cyberspace.

Civil-Military Integration:

China’s defense industry has benefited from China’s rapidly expanding civilian economy, particularly its science and technology sector. Access to foreign advanced dual-use technology assists China’s civilian economic integration into the global production and research and development (R&D) chain. For example, with increasing globalization and integration of information technologies, companies such as Huawei, Datang, and Zhongxing, with their ties to the PRC government and PLA entities, pose potential challenges in the blurring lines between commercial and government/military-associated entities.

05/23/12

China’s Cyber Espionage -DoD Report

gAtO rEpOrTiNg - China’s Cyber Espionage: Annual Report to Congress – Military and Security Development involving the People’s Republic of China May-2012 -

THE PEOPLE’S REPUBLIC OF CHINA (PRC) is pursuing a long-term, comprehensive military modernization program designed to improve the capacity of China’s armed forces to fight and win “local wars under conditions of informatization,” or high-intensity, information-centric regional military operations of short duration. China’s leaders view modernization of the Chinese People’s Liberation Army (PLA) as an essential component of their strategy to take advantage of what they perceive to be a “window of strategic opportunity” to advance China’s national development during the first two decades of the 21st century. During this period, China’s leaders are placing a priority on fostering a positive external environment to provide the PRC with the strategic space to focus on economic growth and development. At the same time, Chinese leaders seek to maintain peace and stability along their country’s periphery, expand their diplomatic influence to facilitate access to markets, capital, and resources, and avoid direct confrontation with the United States and other countries. This strategy has led to an expansion of China’s presence in regions all over the world, creating new and expanding economic and diplomatic interests.

As these interests have grown, and as China has assumed new roles and responsibilities in the international community, China’s military modernization is, to an increasing extent, focusing on investments in military capabilities that would enable China’s armed forces to conduct a wide range of missions, including those farther from China. Even as the PLA is contending with this growing array of missions, preparing for contingencies in the Taiwan Strait remains the principal focus and driver of much of China’s military investment. In this context, over the past year, the PLA continued to build the capabilities and develop the doctrine it considers necessary to deter Taiwan from declaring independence; to deter, delay, and deny effective U.S. intervention in a potential cross-Strait conflict; and to defeat Taiwan forces in the event of hostilities.

To support the PLA’s expanding set of roles and missions, China’s leaders in 2011 sustained investment in advanced cruise missiles, short and medium range conventional ballistic missiles, anti-ship ballistic missiles, counterspace weapons, and military cyberspace capabilities which appear designed to enable anti-access/area-denial (A2/AD) missions, or what PLA strategists refer to as “counter intervention operations.” The PLA also continued to demonstrate improved capabilities in advanced fighter aircraft, as evidenced by the inaugural flight testing of the J-20 stealth fighter; limited power projection, with the launch of China’s first aircraft carrier for sea trials; integrated air defenses; undersea warfare; nuclear deterrence and strategic strike; improved command and control; and more sophisticated training and exercises across China’s air, naval, and land forces.

Underscoring the extent to which China’s leaders are increasingly looking to the PLA to perform missions that go beyond China’s immediate territorial concerns, over the past year the PLA deployed assets to support non-combatant evacuation operations from Libya, extended its presence in the Gulf of Aden for a third year of counterpiracy operations, took on leadership roles in United Nations peace operations, and conducted medical exchanges and a service mission to Latin America and the Caribbean using the PLA Navy’s hospital ship.

During their January 2011 summit, President Barack Obama and China’s President Hu Jintao committed to work together to build a cooperative partnership based on mutual respect and mutual benefit. Within that framework, the U.S. Department of Defense seeks to build a military-to-military relationship with China that is healthy, stable, reliable, and continuous. Strengthening the U.S.-China military-to-military relationship is a part of shaping China’s choices by encouraging it to cooperate with the United States and its allies and partners in the delivery of international public goods, including in such endeavors as counterpiracy, international peacekeeping, and humanitarian assistance and disaster relief operations. As the United States builds a stronger foundation for a military-to-military relationship with China, it also will continue to monitor China’s evolving military strategy, doctrine, and force development. In concert with Allies and partners, the United States will continue adapting its forces, posture, and operational concepts to maintain a stable and secure Asia-Pacific security environment.

=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-

The United States continues to pay “very careful attention” to China’s growing cyberspace capabilities, said Dave Helvey, acting deputy assistant defense secretary for East Asia. “There is the potential for these types of operations to be very disruptive” to the United States and its allies, said Helvey in briefing reporters May 18 on the contents of the Pentagon’s newly issued annual report to Congress on Chinese military developments. The China report claims that “many” of the cyber intrusions and data thefts conducted on US systems in 2011 originated in China.

The report infers that the Chinese government was behind at least some of those attacks, although Helvey declined to offer specifics. He also said he couldn’t say whether such attacks are increasing in frequency. “We note that China’s investing in not only capabilities to better defend their networks, but also they’re looking at ways to use cyber for offensive operations,” he said. “We also highlight a number of areas where we see China engaging in cyber activity focused on computer-network exploitation and lately our pipelines. That continues to be a concern of ours,” said Helvey. -gAtO oUt

This is a must-read from the DoD —> China DoD May 2012 report

03/27/12

Huawei Spying on Customer

Huawei - Mitt Romney's Bain Capital sold out 3Com to the Chinese

gAtO wRoTe - about the Chinese company Huawei (Shenzhen, China-based company) a long time ago with its ties to Rick Perry the governor of Texas and ex-Presidential bid and Mitt Romney’s company Bain Capital that sold out 3Com and sold our national secrets to them. Now it finally falls on Australia to take the first step.

WHEN electoral fortunes are fading a good “reds under the beds” story can boost political stocks, but the row about Chinese telecommunications equipment supplier Huawei being barred from supplying equipment to the National Broadband Network puts a new twist on an old tactic. Generally it’s the Right that beats the red peril drum. Here in Australia it’s a Labor government claiming the NBN is too vital a piece of national infrastructure to be put at risk by buying equipment from China.

Huawei, which is second only to Sweden’s Ericsson in telecom equipment sales, was blocked on Monday from bidding on a $36 billion Australian national broadband contract. Security firm Symantec (SYMC, Fortune 500) ended in November because of Symantec’s concerns that its relationship with Huawei would prevent it from getting a sensitive U.S. government security contract.

Will this be the tipping point where America stands up and sees past the profits and starts looking at our nation’s cyber security survival? We hear that DHS and NSA and everyone is pushing for dollars $$ to fix our infrastructure but when will we start to stop the Chinese from stealing our intellectual capital that has made America great? Politicians need to take a look at what is the real problem, like Rick Perry allowing dozens of Chinese companies to set up shop in Texas and claiming that they have such a great employment record at the cost of our national security.

gAtO is sad that we see the veterans of our great country without a job when we could be investing in Cyber Security, training our young veterans in this field. Veterans have vital experience but as gAtO has found out personally the VA has a problem with allowing our veterans to get an education in this vital field of Internet Security. I like China, don’t get me wrong, and some of the accusations about China I suspect are nothing more than a scare tactic to get funding for political pet projects. But if we start training our veterans and anyone who wants this training we will not lose the cyber war - gAtO oUt

02/24/12

China, Corporations and Internet Censorship

The Chinese government has developed sophisticated methods to monitor and repress the social-media activities of its ‘netizens’. Internet censorship in China also reflects the tangled relationship Beijing presently has with Western internet companies.

Prepared by: ISN staff

This week we have tried to determine just how much the internet and social media empower individuals or aid and abet corrupt and coercive regimes. Our unsurprising conclusion is that such media is Janus-faced – it does indeed liberate and repress. In the latter case, governments have become increasingly sophisticated in how they use the internet to maintain their grip on power. In this respect, the Chinese government’s manipulation of social media to monitor and repress the activities of its ‘netizens’ stands out as a representative case study – a negative case study, unfortunately, that also reflects the tangled relationship Beijing presently has with Western internet companies.

Social unrest, social media, and Chinese censorship

Control and manipulation of mass media outlets has been part of the Chinese Communist Party’s (CPC) mandate for generations. However, the emergence of the internet and social media such as Facebook (not to mention micro-blogging sites like Weibo, the Chinese equivalent to Twitter) prompted a change in the CPC’s approach to monitoring and censoring media outlets – i.e., it decided to decentralize its traditional oversight of China’s mass media. But it was only after a number of ‘mass incidents’ (the official term for civil unrest in China) that Beijing developed a strategic approach to protect CPC ideology in cyberspace.

via China, Corporations and Internet Censorship.

02/17/12

Hacked: How China is stealing America’s business secrets

Sen. John Kerry is fed up with China’s penchant for looting technology from U.S. businesses — up to $400 billion worth of data each year. When will it stop?

Posted on February 16, 2012, at 3:52 PM

Photo caption: Chinese gamers at an internet cafe: Sen. John Kerry (D-Mass.) says Chinese hackers are illegally stealing business secrets from American firms. Photo: Imaginechina/Corbis

Chinese Vice President Xi Jinping, slated to be the next leader of the world’s most populous nation, is getting an earful from U.S. officials over China’s shady business practices. During Xi’s first official tour of the U.S. this week, Sen. John Kerry (D-Mass.) accused a Chinese company of bankrupting a U.S. competitor by ransacking its software. And that’s just the tip of the iceberg, alleges Kerry, implicating China in “cyber-attacks, access-to-market issues, espionage [and] theft.” And, indeed, a flurry of recent reports indicate that Chinese hackers, backed by the government, are stealing business secrets from the U.S. Here, a guide:

via Hacked: How China is stealing America’s business secrets – The Week.

02/1/12

McConnell, Chertoff and Lynn: China’s Cyber Thievery Is National Policy—And Must Be Challenged – WSJ.com

By MIKE MCCONNELL, MICHAEL CHERTOFF AND WILLIAM LYNN

Only three months ago, we would have violated U.S. secrecy laws by sharing what we write here—even though, as a former director of national intelligence, secretary of homeland security, and deputy secretary of defense, we have long known it to be true. The Chinese government has a national policy of economic espionage in cyberspace. In fact, the Chinese are the world’s most active and persistent practitioners of cyber espionage today.

Evidence of China’s economically devastating theft of proprietary technologies and other intellectual property from U.S. companies is growing. Only in October 2011 were details declassified in a report to Congress by the Office of the National Counterintelligence Executive. Each of us has been speaking publicly for years about the ability of cyber terrorists to cripple our critical infrastructure, including financial networks and the power grid. Now this report finally reveals what we couldn’t say before: The threat of economic cyber espionage looms even more ominously.

via McConnell, Chertoff and Lynn: China’s Cyber Thievery Is National Policy—And Must Be Challenged – WSJ.com.

01/21/12

Iran China Cyber BFF

GaTo tHiNk -that we are naïve not to see the new cyber BFF relationship between these two countries. Iran feigns that relations between the two countries are “cordial”, but it’s complicated. Iran has spent billions of dollars on its new digital infrastructure and China’s Huawei corporation is taking a big chunk of the cyber dollars as we have seen with the US investigations into the company.

Iran-Cyber-Guard Network

Last year China was accused of a number of cyber attacks of espionage and Intelligence gathering and now they are transferring that hacking knowledge to the Iranians. The “Iranian Cyber Army” had hacked a few popular social networking sites and claimed their dominance in the cyber world but this was mainly a few Iranian militants; now with the purchase of the new equipment the real Iranian Cyber Army is getting its feet wet. Iran was accused of hacking into the Voice of America Farsi website, Twitter as well as Baidu, and Dutch government-funded Radio Zamaneh, which also broadcasts in Farsi. My only question is: did they go after China’s Baidu?

“With the United States and Israel as the developers of Stuxnet, the first cyber weapon to be deployed, gAtO can see why the Iranians are worried”

The biggest hacking by the Iranian Cyber Army to -gAtO was Comodo Group. This was the Dutch certificate authority where the hacker created 9 major fraudulent certificates for sites of companies like Google, Yahoo, Microsoft, Skype and Mozilla. The names say it all; these were speculated to be used by the Iranians to monitor their own people.

“seizing entry to such high-traffic consumer sites looks like a government attempting surveillance of Internet use by dissident groups.”

gAtO found out that Chinese agents, who began work for the Iranian regime in early 2011, are providing Tehran with significant intelligence information. The Iranian officers who were assigned to contact the Chinese agents are using aliases and claim to be businessmen from other countries. China, which imports 11 percent of its oil from Iran, thinks it’s OK for a little spying (between BFFs) to go on as long as they can do the same with Iranian agent recruitment by China.

With the re-election of President Mahmoud Ahmadinejad on March 2, 2012, the Iranian cyber police will certainly be on the lookout for the protesters that are guaranteed to protest, empowered by the Arab Spring last year. China will do its best to keep the U.N. sanctions as open as possible during this time-frame, for Iran, as long as trade and their mutual enemies keep hammering them in cyberspace. The enemy of my enemy is my friend.

Last year PBS Frontline reported that the activities of Iran’s Cyber Army have attracted growing notice in the Iranian and international media. The suspicion that the Cyber Army’s constituent hacker groups are connected to the Iranian government was strengthened when, after several sites were hacked, they issued warnings to the Green Movement. The scope of the measures taken by the Cyber Army discredits the theory that a group of Ahmadinejad’s admirers spontaneously carried out such acts. The nature of their communications and of the sites targeted for attack indicate that there are hidden hands (China mAyBe) that support the Cyber Army.

Let’s hope this BFF relationship comes to an end soon. - gAtO oUt

References:

http://www.rawstory.com/rs/2011/03/14/iran-cyber-army-target-enemy-sites/

PBS – Frontline – Pulling the Strings of the Net: Iran’s Cyber Army

http://www.pbs.org/wgbh/pages/frontline/tehranbureau/2010/02/pulling-the-strings-of-the-net-irans-cyber-army.html#ixzz1k7Zsumlg

Iran Cyber-Army Strikes Digital Certificate Authority COMODO

http://www.readwriteweb.com/archives/iran_cyber_army_strikes_digital_certificate_author.php

Iran’s President Official web site hacked

http://countermeasures.trendmicro.eu/iranian-president-ahmadinejad-official-web-site-compromised/

Cyber recruiting: The Shifting Digital Sands of Online Jihad

http://cyberwarzone.com/cyberwarfare/cyber-recruiting-shifting-digital-sands-online-jihad

01/8/12

“Cyber China” From Operation Aurora to China Cyber attacks Syndrome | Security Affairs

When we think of China in relation to cyber warfare, we imagine an army of hackers hired by the government in a computer room ready to successfully attack any potential target. China is perceived as a cyber power and ready to march against any insurmountable obstacle using any means. In this connection we read everything and its opposite, and we are ready to blame all sorts of cyber threats to the Country of the Rising Sun. The truth, however, is quite different, at least in my opinion, and understands that the Chinese people before others have understood the importance of a strategic hegemony in cyber space. However, many doubts are beginning to gather on the real technological capabilities of China.

It certainly has a high potential for cyber offensive but its quality is really arguable. China has the most extensive cyber-warfare capabilities. It began to implement an Information Warfare strategy in 1995 conducting a huge quantity of exercises in which computer viruses have been used to interrupt military and private communications. In 2000, China established a strategic Information Warfare unit, Net Force, which is responsible for “wage combat through computer networks to manipulate enemy information systems spanning spare parts deliveries to fire control and guidance systems.” Today The PLA GSD Third Department and Fourth Departments are considered to be the two largest players in China’s burgeoning cyber-infrastructure. In November 2011, Desmond Ball, a professor in the Strategic and Defense Studies Centre at Australia’s National University argues that the Chinese offensive capabilities today are pretty limited and he has also declared that the internal security has a bunch of vulnerabilities.

via “Cyber China” From Operation Aurora to China Cyber attacks Syndrome | Security Affairs.

01/4/12

China U.S. Cyber War Coming

gAtO sAy -the lack of trust between Washington and Beijing looks only likely to grow. Stuxnet was the first real Cyber Weapon that has been deployed by a nation/state actor and if you think that China does not see the threat, we all need to wake up. Just a few months ago the U.S made public (announced to the world) that their SCADA software (Sunway) has a number of security holes. They could have mentioned it quietly and confidentially. This was a slap in the face to the Chinese, at the height of Lulz-Anonymous hackings.

gAtOmAlO - China U.S. Cyber War

Now if you were China and you know that America and/or Israel created Stuxnet, and now they have the son of Stuxnet “the DuQu virus” (2nd generation) and we told them that their SCADA is full of holes, wouldn’t you start to beat your chest and bang the drums of cyber warfare, screaming that everyone is hacking China too? (True, the U.S alone is conducting cyber testing of weapons every day)

Let’s look at this Cyber Warfare thingy.

Offense and defense in cyber war have distinct characteristics, and they change frequently. Offensive technologies include computer viruses, DDoS (type), EMP bombs, microwave bombs, and computer and microchip backdoors.  For defense, there are network scanners, network wiretapping devices, password breaking devices, electromagnetic detectors and firewalls, and anti-virus software. IMHO -Let me throw these few things out-

https://chinacyberwarfare.wordpress.com/

“China also need us as a consumer of their exports, as we are the biggest single market in the world.” — This statement is not really true anymore

This is where Americans are dead wrong, it used to be that way but as other countries like the BRIC countries have been growing they themselves have produced what “Mr Henry Ford” did: create a middle class that can buy its own goods and services. As your people come out of the plow and into a smartphone working at the Apple I-Pad factory they learn, more and more. The Chinese are getting tired of being the cheap labor market and the corruption of the communist party to embrace capitalism is changing their minds quickly.

The sad facts are that while we (America) have been at war for the last 10 years China has been building business relations with every country it can. Money talks and they have made some solid moves. Take the biggest IPO this coming year “FACEBOOK”: China has banned Facebook from China but they are making a big deal in buying Facebook stocks with Goldman S. The US is looking into this and trying to stall it but, when they buy let’s say a 10% share then they will make Facebook available to the Chinese and WAMO add 50-100 million onto Facebook and that stock will be golden.

As to the all the hacking that China has done last year alone we cannot do a thing, not because we can’t but the relationship that we have with China is economics and they got us by the short hair there.

I compiled this bit of info that may open eyes— United States-China Economic and Security Review Commission

https://chinacyberwarfare.wordpress.com/2011/09/14/united-states-china-economic-and-security-review-commission-2/

We threw China a message a while back by exposing the weak links in their SCADA systems:

https://chinacyberwarfare.wordpress.com/2011/07/24/critical-infrastructure-vulnerable-to-holes-in-chinese-scada-software-threatpost/

And let’s not forget one of my Heroes of 2011, Dillon Beresford – he took on China and found out that they were wide open. I followed and verified some of his findings and found even more open doors. You see the culture in China is all about saving face. You may have done bad work but when your boss disgraces you, you move and fix the problem, at least you think you fixed it; the pool of educated security people in China is so low that they can’t, so their defenses are down today.

https://chinacyberwarfare.wordpress.com/2011/07/30/glass-dragon-chinas-cyber-offense-obscures-woeful-defense-threatpost-2/

- China and the US will be at war in 2012, just how bad it’s going to get — we’ll see. That’s my 2 cents

gAtO tHiNk – China and Russia will use Iran as a proxy to get what they want and in so doing they will train and arm Iranians with the needed infusion of technology and education. They do have oil and especially China needs it to make sure of its growing economy.

Let me add N. Korea to this mix because of the close ties with China. In N. Korea the new leader, the son of the father, will have to show the world where he stands as a show of power. Better yet if Obama gets N. Korea to open up a bit it would be a political move that could help him in the elections this year. Kim Jr. could open N. Korea to the world and make it better for its people or they could take the hard line with China’s support. They could be another proxy for China or Russia.

Both Iran and N. Korea claimed a new super cyber army recently and that was a message to the world, cyber warfare will come – ready or not… gAtO oUt -