The first real public glimpse we had of Chinese technical prowess relating to hacking and security was in 2001, when the damning Code Red worm propagated, changing HTML to contain the ‘Hacked by Chinese’ slogan.

In 2002, the Chinese group netXeyes and its members came up with some interesting Windows NT / 2000 / XP hacking tools, in particular:

  • SMBCrack.exe, an ultra-fast NTLMv1 brute force password cracker
  • WMICracker.exe, a brute force tool for use against the WMI interface (accessible via TCP 135)
  • ARPSniffer.exe, a single WinPcap command-line ARP redirection and sniffing tool

The premier piece of software in the netXeyes armory, however, is a system called Fluxay. It is recognized as a backdoor or Trojan by Symantec and Sophos; see their write-ups at the following locations:

  • http://securityresponse.symantec.com/avcenter/venc/data/backdoor.fluxay.html
  • http://www.sophos.com/virusinfo/analyses/trojfluxaya.html

Fluxay is essentially an all-singing, all-dancing Trojan horse and active hacking system; the damn thing can even perform ARP redirection and sniffing, then send the results to the attacker via an SMS text message! The netXeyes Fluxay 5 manual (all 158 pages) is accessible here, and the software itself can be downloaded from the following:

  • http://61.132.27.138/superdown/down/Fluxay5Beta1.rar
  • http://zqlt.vicp.net/superdown/down/Fluxay5Beta1.rar

You can browse through netXeyes’ releases in 2002 and 2003 using the following URLs:

  • http://www.netxeyes.org/2002.html
  • http://www.netxeyes.org/2003.html

Two other prominent groups that have released exploits, mainly for Microsoft Windows bugs (the RPC DCOM bugs that the Blaster and Nachi worms used come to mind), are xfocus and cnhonker. Over the last 12 months we’ve seen an increase in potent exploits being released by xfocus and cnhonker in particular, including the use of pretty smart exploitation techniques. I certainly think that in 2004 and beyond, Chinese exploit and worm development will increase, leaving the west behind.

This used to be the other way around, though. I remember back in 1997 and 1998 when serious remote vulnerabilities were being found and published by hackers in the United States and western Europe. Companies in the east (Japan and Korea in particular) were very slow on the uptake of this threat information, resulting in thousands of incidents. Nowadays there are Spanish, Japanese, French, and other language-specific mailing lists to provide security professionals and administrators with the information they need, but what happens when all the hacking sites and tools are in Chinese?

Well, that’s my 2 cents. Please leave any links to other Chinese sites, or comments, below.