Meet the 3 Chinese Hackers Pwned by Mandiant
Tue Feb. 19, 2013 2:41 PM PST
Jack Wang, a.k.a. Wang Dong, a.k.a. UglyGorilla
Greenfield would soon become one of those troops, according to Mandiant. When he registered for the China Military site, he gave his real name as "Jack Wang" and the email address uglygorilla@163.com—details that would later be associated with the hacker known as UglyGorilla. That October, UglyGorilla registered the hacker zone HugeSoft.org, a name that, as Bloomberg has reported, "combines two common descriptors of a gorilla, along with sub-domains like 'tree' and 'man.'"
In 2007, UglyGorilla authored the first known sample of a widely used family of Chinese malware and brazenly left his signature in the code: "v1.0 No Doubt to Hack You, Writed by UglyGorilla, 06/29/2007."
DOTA, a.k.a. Rodney, a.k.a. Raith
DOTA may have taken his or her name from the video game "Defense of the Ancients," commonly abbreviated DotA. The name shows up in dozens of email accounts that DOTA created for social engineering and phishing attacks, according to Mandiant. It appears Mandiant was able to hack some of these accounts, allowing them to get DOTA's phone number (a mobile phone in Shanghai) and the username of DOTA's (blank) US-based Facebook account, where DOTA registered as female. Mandiant published a screen-grab of one of DOTA's Gmail accounts:
Mandiant linked some of DOTA's other passwords to a pattern that seems to be associated with Unit 61398, the PLA's cyberwar division.
Mei Qiang, a.k.a. SuperHard
Similar to UglyGorilla, Mei Qiang signs much of his work by embedding his name into the code. His malware is often signed "SuperHard" and his Microsoft hacking tools are altered from "Microsoft corp." to "superhard corp."
SuperHard primarily works on tools used by other Chinese hackers; he's probably employed in APT1's research and development arm, according to Mandiant. He has also volunteered to write Trojan software for money. Mandiant researchers gained access to some of the hacker's internet accounts. They believe he (or she; it's hard to know) used the email address mei_quiang_82@sohu.com, which, based on Chinese habit, suggests that the user is named Mei Quiang and born in 1982. They also traced SuperHard to Shanghai's Pudong New Area—information that should give US security experts plenty of leads, assuming the hacker hasn't been fired yet.