With Chinese president Hu Jintao’s White House visit now in the national rear-view mirror and concerns over his country’s rise to prominence still a hot topic, all eyes and ears are set to the east. A recent report detailing a cyber attack apparently carried out by Chinese hackers, however, certainly won’t ease tensions.
News broke yesterday that Chinese hackers had walked away with “gigabytes of data” from the public web sites of five unnamed Western energy companies. McAfee, which is investigating the electronic incursions, named them “Night Dragon” – proving once and for all that even online security firms have a sense of humor. The attacks have allegedly been underway for years, with the security company scrutinizing them since late 2009.
According to McAfee’s analysis, “Night Dragon” employed some basic tools which allowed the hackers access to their targets, including SQL-injection techniques, password cracking and RAT malware. Despite the methods being “relatively unsophisticated,” that crudeness is what contributed to their power concludes the report.
McAfee alleged the locus of “Night Dragon” is Heze City in Shandong Province, but confirmed there was “no direct evidence to name the originators of these attacks.” The company also claimed it discovered one person who could prove vital in identifying other major players behind the attack.
The individual, claimed the report, “runs a company that, according to the company’s advertisements, provides ‘Hosted Servers in the U.S. with no records kept.’ The company’s U.S.-based leased servers have been used to host the zwShell C&C application that controlled the machines across the victim companies.”
More on this hilariously-named attack as it develops. (via computerworld)