'Panda' Exploit Offers Rare Inside Look at China's Cybercrime Networks
FEBRUARY 20, 2010
WUHAN, China—Some of today's biggest cybersecurity worries trace their roots to this central Chinese city, where a hacker with a junior high school education slapped cartoon pandas onto millions of computers to hide a destructive spy program.
The Panda Burns Incense computer worm, created by 27-year-old Li Jun, wreaked havoc for months in China in 2006 and 2007, eventually landing Mr. Li in jail. Jumping one computer to another by tricking users into opening what appeared to be a friendly email message, the Panda funneled passwords, financial information and online cash balances from game Web sites to Mr. Li's cohorts—leaving a panda as its calling card.
China rejects as nonsense that it is a hacker haven. "The government has never supported or been involved in cyber attacks, and it will never do so," Peng Bo, an official with the State Council Information Office's Internet Bureau, told state media in mid-February. "In fact, China is the country worst hit by worldwide hackers."
"As for Chinese hackers, their overall technological skill isn't as good as American or Russian hackers," Mr. Li said in an email, answering questions from the Wall Street Journal. "However, China has the biggest population of hackers in the world." Noting his own communication with foreign hackers, he added, "I often downloaded hacker software from their sites to compare them with programs I wrote or other Chinese hackers wrote."
SOURCE : The Wall Street Journal - Asia Edition