Industry chain behind hacker attacks on government websites
Updated: 2011-03-30 17:59
BEIJING – Two young men, Fan Dongdong and Wen Chao, who have only a junior high school education, received 18- and 12-month sentences for hacking into the website of the country's Supreme People's Procuratorate - the top agency for legal supervision - and more than a dozen other government websites.
Xin Zuguo, a judge with the People's Court of Chaoyang District in Beijing, said this was not an isolated case. From May 10 to 16 of last year, 81 government websites on the mainland were hacked and altered, including four ministry-level websites, according to the National Computer Network Emergency Response Technical Team/Coordination Center of China (CNCERT/CC).
The rampant hacking against government websites is aimed at making illegal profits, and an "industry chain" already exists, Xinhua reported.
Fan Dongdong of Urumqi, Xinjiang Uygur autonomous region, and Wen Chao of Jiangyou, Sichuan province, both 20, also hacked the websites of the Quality and Technical Supervision in Changsha city, Quality Supervision in Qinghai province, e-Governance of Fushun city, Archives of Gaoming District in Foshan city, and Standing Committee of National People's Congress in Chuxiong Prefecture in Yunnan, from March to May 2010. They modified the website source code and planted links to boost the search engine ranking for some websites.
Fan and Wen, who never studied computer programming, learned that they could make money by putting links on the infected government websites through online chats. Then they learned basic programming skills from video courses and bought passwords to log into the hacked government websites through A5 and other forums.
"We didn't know how to get the passwords and the link codes, so we bought them. One password costs 10 yuan ($1.50) and one link code costs 4 to 7 yuan," Fan said. Fan used the passwords to log in to the websites and add links for customers.
Wen Chao was accused of posting online threads to lure potential "customers" with marked prices ranging from 4 yuan (50 cents) to 7 yuan ($1) for each illegal link. For his part, Fan put key words such as "Legend Service," "Car Trading," or "Study in the US" in the links that were secretly added to the website codes on those sites. The customers could trace their links by logging on to www.linkhelper.cn . The accused made a profit of 6,000 yuan ($892) in three months.
A simple profit-making route involves buying access to the hacked websites and hacking software, advertising for "customers," adding in links in the government websites and maintaining them, and charging online or via remittance.
Two steps are involved in hacking into government websites:
First, decipher and control the website, or commonly known as "conquering the website." Second, enter by a backdoor or "houmen" program to crack into the website and make profits.
Four steps to "conquer the website"
First, be familiar with the website and collect information. Preview the Web pages, including the content and design. Search for the domain names on the Internet and its registration details.
Second, search for any security loopholes and decode. Hackers usually use their tools to find possible safety loopholes and decode them to acquire the user name and password of website administrators.
Third, detect the portal and break into the website. Hackers will search for administrator access portals after decoding.
Fourth, install "backdoor" program to control the website. After logging onto the administration system, hackers can install Trojan programs in order to upload, download, modify or delete files.
The second step:
Hackers make profits by using hacking skills. Hackers tout the hacked websites, or "sell the loopholes," estimated at 10 yuan each.
With access to the server, the hackers can log onto the administration system to launch attacks in three ways:
First, planting Trojan viruses and selling page views. The attack targets are usually websites with large page views but also security holes. Through planting viruses on the government websites, hackers can get the saved-in-computer information about bank accounts, game accounts and passwords, QQ instant messaging numbers, videos, and pictures via remote control. The hacked computers then become zombie computers.
The hackers usually charge on the base of the Web page traffic produced by Trojan software. They can even use the large amount of zombie computers to build a "botnet" to carry on network attacks, and finally lead to a meltdown of the website.
Second, implanting malicious links to enhance page views. Hackers often implant links for game or shopping websites into some government-related websites. When people visit the government websites, the hyperlinked websites will open simultaneously. For the high ranking of government websites in the search engine, the hyperlinked websites can also get a boost in page views.
Third, modifying, adding and deleting information on government websites. Hackers get illegal profits from people who have specific needs through modifying the content of government websites.
Daughter and son are beginning to take over the family business of making shoes.
The new stars of Chinese animation are edging out old childhood icons like Mickey Mouse and Hello Kitty.
High-Tech touches to traditional tombsweeping festival help environment