Ghostnet: China’s massive spynet uncovered

April 1, 2009

Source: Canada’s National Post as referred by Kovacs in our Techy News Pics thread.


It looks like the NSA(T&T) has some competition in the domestic spying game… and they may be targets themselves.

The Biggest Brother. While the UK is well on its way to being a security-surveillance police-state, and America’s plans are apparently “on hold” for now, it would seem hard to imagine another nation attempting to lay claim to the “Big Brother” title. But China has been doing just that, according to a recently released report from researchers at the University of Toronto. A ten-month investigation has turned up some 1300 infected systems worldwide, including high-value government computers like those of the exiled Tibetan government and the Dalai Lama. A full report can be downloaded from here.

Vulnerability detected between keyboard and chair. The way the infection was spread sounds typical: e-mails were sent with a trojan attached, the user unwittingly opens the attachment and infects his system, and the infected system uploads sensitive files to China and spreads even more e-mails where the user unwittingly opens the attachment…

What happens after the initial infection:

“The GhostNet system directs infected computers to download a Trojan (horse) known as gh0st RAT that allows attackers to gain complete, real-time control,” the authors write in Tracking GhostNet: Investigating a Cyber Espionage Network.

“Our investigation reveals that GhostNet is capable of taking full control of infected computers, including searching and downloading specific files, and covertly operating attached devices, including microphones and web cameras.”

Dalai Lama (Associated Press photo)

The Dalai Lama expresses how he feels about China’s regime

Other Ghosts on The Net? While the Ghostnet is concentrated more on Asia, there’s a possibility that American systems have also been infected, though no reports about such infections have surfaced… yet.

Americans being spied on by foreign nations may not be new, but The Student Operated Press raises concerns about the US cybersecurity scheme, and even worse, that a post-9/11 paranoia-infected Department of Homeland (in)Security has its own Ghostnet:

Robert Paul Reyes (S.O.P.):

I hope that the CIA is taking serious precautions to safeguard our military and intelligence computer systems. I’m confident that they are running their own GhostNet operations to keep track of our many enemies throughout the world.

But what I fear the most is that the Department of Homeland Security has a GhostNet operation to keep track of Americans. Under the guise of fighting terrorism the Bush administration wiretapped the phones of Americans without obtaining a warrant from the courts.

What Ghostnet is about may be scary, but it’s small fries compared to what Conficker may have to offer…

This post has been filed under HackZ AttackZ!, News as Cyberpunk by Mr. Roboto.

BBC Builds a Botnet.

March 14, 2009

Source: BBC Click

The BBC News’ program CLICK built a botnet to show what damage they can do.

You got spammed! We’ve had to deal with it, spam in our emails, and while filtering has gotten better at removing the crap, the spammers have devised even more powerful ways of ensuring that your inbox chokes. The most sinister of them all is the botnet, innocent home computers that have been infected to make remote use possible.

This week, the BBC’s tech news program Click built their own botnet of 22,000 computers to perform two tasks. First, they had the net spam a couple of email addresses they set up for the test. Next, they used the net to launch a DDoS attack on a security site owned by Prevx.

The results: The inboxes choked while the site ground to a halt.

To give you an idea of what botnets are out there and the potential damage they can do, check out this list of the top spam botnets.

Is this even LEGAL? To build the botnet, the BBC posed as “customers” to purchase the software that infects computers to make the botnet. That would seem to be no different than an undercover agent looking to gather evidence of hacking, only the BBC didn’t need a warrant. The attack on Prevx was done with the company’s approval on a backup site. This would be like a “test” for a tiger-team to see if they are able to do a bigger hack. Companies hire hackers (“white hats”) to regularly test their security, or ethical hackers will do so while leaving messages of possible weaknesses.

What the BBC did may border on journalism and legality, but they did have a good reason for doing this:

A lot of the debate has been about whether we did the right thing digging into the murky world of hackers and organised cybercrime. In seeking to demonstrate the threat, had we put ourselves in the position of those we wanted to expose?

That’s always a good question. After all, we could have simply described what we believe happens and given some warning advice, couldn’t we? We’ve done this in the past. So have many others…

But hacking has gone professional. Today, your PC can be doing bad things to other people without you even knowing. It’s a major growth area for organised crime: it’s global, and very local to all of us who work, communicate and play on the world wide web.

So we felt that there was the strongest public interest in not just describing what malware can do, but actually showing it in action. A real demonstration of the power of today’s botnets – to infect, disrupt and damage our digital lives – is the most powerful way to alert our audiences to the dangers that they face. It’s a wake-up call to switch on that firewall and improve our security on the internet.

We think that what we did was a first for broadcast journalism. We were amazed by the ease of use of the botnet, and the power of its disruptive capacity.

They have since disabled the botnet.

Was this power trip really necessary? People will question whether the BBC’s use of a botnet was required, but there’s no question that there will always be security holes in the system. Linux and Windows users have known this, and OS X users will soon learn this lesson the hard way.

Remember: No amount of software patching will ever close the security hole between the keyboard and the chair.

This post has been filed under HackZ AttackZ!, News as Cyberpunk by Mr. Roboto.

The Freehacker’s Union, because “Business Is Killing The Art Of The Hack”

August 26, 2008

Source: Zed Shaw’s blog, The Freehacker’s Union

When Zed Shaw lost his V.P. job because Bear Stearns went FUBAR, he found himself with more free time (and severance $$$$$) than he can handle. So now he wants to start a special group for hackers:

This rant is about an idea I have for a group of geeks who fight to keep the art of hacking and invention alive. I want to call it The Freehacker’s Union. I want it to be against business, against the coopting and destruction of geek culture, and for preserving hacking and invention as methods of personal artistic expression.

His profile does make him sound like a dick, but he seems to have the tech ability to back it up. Plus his idea of a hacking group devoid of the co-opting that businesses and crime groups are now doing has to be good news for old-school hacker purists.

Really, what’s his motivation? “This town needs an enema,” proclaims Zed as he describes the New York City hacking scene being co-opted and corrupted. He remembers when hacking was for the adventurous, not venture capitalists:

Then it hit me, it’s the business that’s killing tech in this city. The business of technology in New York values douchebag asswipes and “idea guys” over the real people who built this world. Their ideas are shit, but because they have an MBA from Columbia (they didn’t do much to earn) they are listened to and valuable. Me and the other hackers are just tools, cogs, and slave labor designed to be subservient to a real man’s passions.

The problem is, because none of these dicks do anything they don’t know what’s a real technically challenging innovation. They would rather try to make a little bit of money making a slightly better version of whatever everyone else is making. They want the lottery tickets and the fast payout where they take all the fucking money and trade the geeks over to Google or Microsoft like some fucking slave exchange.

Zed’s rules of The Freehacker’s Union:

I want the rules of The Freehacker’s Union to be:

1. If it’s art, wires, or code you can bring it. This will be our triad: art/wires/code. Remember it.
2. NO FUCKING BUSINESS ASSHOLES This isn’t your personal fucking recruiting station. Take your “game changing” ideas and fuck the hell off.
3. If you can’t sling at least one of the three in the A/W/C triad then you can’t come. No exceptions.
4. Everyone who attends has to eventually show something. If it’s your first night, you have to present something. It can be anything, but you gotta show that you belong. If you can’t then you can’t come back until you can. For those who absolutely can’t talk in front of people, you can get someone to show your stuff on your behalf.
5. No girlfriends or boyfriends unless they’re hardcore too. Keep your fucking groupies at home.
6. Organized using simple software that’s open. No special hidden jabber servers, no yahoo groups, no fucking evite or someone’s favorite latest startup website. Just a simple mailing list, a website anyone can manage, and maybe a channel on IRC.
7. Frequent meetings at a regular time and spot. I like twice a month, but hell if people can handle more then I want to do it.
8. Clear guidelines on how to become a member, including the benefits and responsibilities.

Other than that, I’m open to suggestions. I’m going to be doing more writing on this subject, and coming up with ideas with friends, and then I’ll announce our first meeting. If you have thoughts, or you want to attend, then let me know.

If you’re an Alpha Biz Guy then fuck off. I don’t want to hear about how you can kick my ass and how I’m never going to get hired again.

I don’t give a fuck about you, I just want to hack and you’re fucking that up for me.

Let the games begin!

The Freehacker’s Union now has a site where you can check to see if you want to join a local or possibly start one.

Sounds like this could be fun…

This post has been filed under HackZ AttackZ!, Internet Find by Mr. Roboto.