Politics, society, culture, freedom, democracy, Tibet, Thailand, Indonesia, Aceh, Southeast Asia, China, human rights, and any other subjects which are of interest to either Agam of Tapaktuan, or his unruly gecko.
The author may be contacted at agam [dot] tapak [at] gmail [dot] com Posting times are Bangkok time [GMT+7 = EDT+11].
The author may be contacted at agam [dot] tapak [at] gmail [dot] com Posting times are Bangkok time [GMT+7 = EDT+11].
SEARCH THE GECKO
TIBET INFO LINKS
   |
   |
BURMA FREEDOM VIDEO
E a r l i e r P o s t s
PROTEST AT RAGYA
Ragya, Machen County, Golog Amdo
March 21, 2009
March 21, 2009
UNDER ARREST
Lhasa region or city (unknown)
Date unknown
Date unknown
Search the web with 
M o n i t o r s
Quotation of the Day
Website content
provided by The Free Dictionary
W A I
Our way of saying "thanks" in the Thai way. Here a nak muay Thai (kickboxer) offers respect and thanks for his teacher (wai khru) before a match. This is our local variation on the ubiquitous "hat tip" used in general blog culture.
A r c h i v e s
T i b e t
His Holiness the 14th Dalai Lama Tibetan Government-in-Exile
Tibet Information Network
Tibetan Committee for Human Rights and Democracy
International Campaign for Tibet
Canada-Tibet Committee
Phayul News
Australia Tibet Committee
Tibet Justice Center
Tibet Daily
Tibet Online Resource
Virtual Tibet Library
Dreams of Tibet
S o u r c e s
Memeorandum Snopes: Urban Legends
BBC | Monitoring
MEMRI
SITE Institute
A s i a P a c i f i c
Yahoo! News Asia The Jakarta Post
Paras Indonesia
Metro TV News Online
The Nation
Bangkok Post
Democratic Voice of Burma
Irrawaddy News
Mizzima News
BurmaNet News
Burma NewsLadder
Southeast Asia News
Sydney Morning Herald
The Australian
Home
Agam's Gecko
Sunday, March 29, 2009
MASSIVE CHINESE CYBER-SPY NETWORK UNCOVERED
 |
| R |
esearchers at the Canada-based Information Warfare Monitor, and at Cambridge University, UK, have uncovered an extensive and sophisticated cyber-espionage network operating from China, which has infiltrated Tibetan institutions in exile, as well as embassies and foreign ministries of over 100 countries. The main group of researchers, based at the University of Toronto's Munk Centre for International Studies, had been contacted after the computer security people at the Office of His Holiness the Dalai Lama suspected malicious intrusions almost two years ago.
Based upon a malware program known as "gh0st RAT" — a Trojan which gives attackers complete, real-time control over an infected computer — the China-based network has been dubbed "GhostNet", and has infiltrated more than 1,200 computers belonging to diplomatic, political, economic and military targets. The network particularly focused on governments in South Asian and Southeast Asian countries. A comparison graphic shows a high penetration in this region, but targets were also found in North and South America, Europe and Africa.
 Asia is well-covered by China's Gh0st RAT thieves. Source: InfoWar Monitor |
The gh0st RAT software is remarkable in that, after it is secretly installed (by opening an infected email attachment or visiting a malicious website), the spies and thieves in China are able to operate the infected machine just like its own user. They can even switch on any web-cam present, enabling them to watch or listen to what the actual user is doing or saying.
Most of the servers controlling the network are based on Hainan Island in China, although one is located in southern California. The control interface is in Chinese. Evidence shows that information known to have been stolen by this network was immediately put to intimidating use by the Chinese government.
The Times contacted the Chinese consulate in New York for comment on these revelations, and the response was predictable.
"These are old stories and they are nonsense," the spokesman, Wenqi Gao, said. "The Chinese government is opposed to and strictly forbids any cybercrime."The two Cambridge researchers focused on the attacks against Tibetan organisations in exile, and concluded that they were designed "to collect actionable intelligence for use by the police and security services of a repressive state, with potentially fatal consequences for those exposed." Shishir Nagaraja and Ross Anderson have made their findings available in a freely downloadable report: "The snooping dragon: social-malware surveillance of the Tibetan movement".
The larger report by the Canadian researchers has been placed into the Scribd file-sharing site, but is downloadable only by registered members. However it does provide for embedding the documents, so here you go. It will be too small to read comfortably at this size, but just click the Full Screen Toggle on the right side of its tool-bar.
.
- posted by Agam @ 6:32 PM 2 comments
2 Comments:
People can put folded cards to cover up their computer cameras like I do, and that would take care of the video, right? But how do you 'cover' your audio? I'm mystified. Any clues? And how do you get checked for the malware?
By 
, at
31 March, 2009 00:07
* * * * * * *
I never use a camera, so I don't have one, and rarely plug a mike in. Laptops have that stuff built in, though.
Anything you do to disable audio input in your system, could be just re-set by whomever else is having full real-time access. Scary stuff.
I would think a good firewall will alert when a new program accesses the internet. That would be a good place to check - look at the list of permissions given to programs, and see if there's one you don't recognise.
There are some free malware checkers that I imagine will have it in their databases soon if not already. I use "
Spybot Search and Destroy" because I like the name (it actually works well too).
By 
Agam, at
31 March, 2009 02:11
* * * * * * *
