The Chinese Are Attacking

Scanners used to track shipments of goods all over the planet are infected with Chinese malware. Here are some of the things it does.

The scanned data (origin, destination, contents, value, to, from, etc.) was copied and sent out to an established comprehensive command and control connection (CnC) to a Chinese botnet that was terminated at the Lanxiang Vocational School located in the “China Unicom Shandong province network”. The Lanxiang Vocational School has been linked to on-line attacks of Google and implicated in the Operation AURORA attack. The Chinese scanner manufacturer is located blocks away from the Lanxiang Vocational School.

A second payload was then downloaded from the botnet that established a more sophisticated CnC of the company’s finance servers giving the cybercriminal access to corporate financial data, customer data, detailed shipping and manifest information.

The exfiltration of all financial data as well as CRM data was achieved providing the attacker complete situational awareness and visibility into the shipping and logistics targets worldwide operations.

Chinese technology. Buy it at your own risk. And this is not the first warning.

You may recall I wrote something on this general topic a few months back. It was about the Smart Grid. And had a James Woolsey video.

It would be a hacker’s dream. He mentions a hacker in Shanghai. I think what he really means is a Chinese Cyber Warfare agency. That would be P.L.A. Unit 61398 on the outskirts of Shanghai.

Shandong, China and Shanghai, China are about 150 miles apart. Jinan, China, where the Lanxiang Vocational School is located, and Shanghai are about 450 miles apart.

Another article I wrote attacking the “Smart Grid” as a stupid idea. In 2008. Cyber Attacks On Power Generation.


Posted

in

by

Tags:

Comments

One response to “The Chinese Are Attacking”

  1. Neil Avatar
    Neil

    Too bad it’s nearly impossible to buy a laptop that isn’t made in China.