Hacker’s Angst Opens Window on Cyber-espionage
Following the Mandiant report that exposed a major hacking group linked to the People’s Liberation Army, the Los Angeles Times has now tracked down the personal blog of one of the alleged hackers. In the blog, which was active between 2006-2009, the 25-year-old hacker describes his work as well as his own frustrations with the low pay and long hours of the job. Richard Bejtlich, Mandiant’s security chief, calls the blog entries “the most detailed first-person account known to date of life inside the hacking establishment”:
In the blog, Wang did not disclose which unit he worked for, but he made it clear that he was wearing a uniform and carrying a military badge. He described his building as being far from the Shanghai city center, one of his many complaints.
One of his first tasks was to improve on a Trojan virus known as Back Orifice 2000, which is designed to remotely hijack a computer system to steal information.
In July 2007, he boasted that his virus had successfully escaped detection by three leading detection programs made by McAfee, Symantec and Trend Micro, but that it didn’t get past a fourth, Kaspersky. He also described another assignment: write a virus that would detect any USB storage device attached to a computer and copy its files. The virus was a success and Wang’s boss was pleased.
“If we’re lucky enough, we might be able to complete this year’s target and earn a year-end bonus for everyone,” Wang wrote with enthusiasm.