Major hacking syndicate busted in China

The gang is thought to be responsible for attacking 185 government sites in 30 provinces and autonomous regions. It made money by creating and selling fake documents, but then “tampered with official databases or added links to external databases so that if anyone checked up on the fake certificates, the client's name would appear," said Chen Xiaoping, head of Jieyang police's cybercrime unit. By July 12, police had arrested 165 people, confiscated more than 7,100 fake certificates and at least 10,000 fake seals, and are still hunting for more members of the gang, says the report. The Jieyang police claim that more than 30,000 people have bought fake qualifications made by the gang.

Profits generated by the scheme are claimed to be in excess of 300 million yuan. “They have a strong idea on how not to get caught,” said Chen. “They used overseas servers and bank accounts of strangers, whose details were bought online.”

What isn’t clear from the report is whether the gang leaders have been arrested. Most of the suspects quoted appear to be ‘foot soldiers’ being paid for services. One “had been earning 3,000 to 5,000 yuan a month for transferring personal data to hackers since mid-2010,” claiming it was easy money. The youngest, aged 18, “admitted hacking government websites for 300 to 1,200 yuan a time, according to police.”

But what is clear is that Chinese hackers are following the same path their Western counterparts – and Chinese law enforcement is seeking the same legal changes as Western law enforcement. According to the police, hackers who once used to attack government websites to show off their skills, “now do it to make money.” The solution is greater ‘co-operation’ from the ISPs. Chen calls for “laws and regulations to strengthen the obligations of Internet service providers to verify users' information.” The report notes that while “websites in Europe and the United States are required to maintain records of visits for 12 months, websites in China are only required to maintain records for 60 days.”

What’s hot on Infosecurity Magazine?