On Mon, Dec 28, 2020 at 12:13 PM coderman <[email protected]> wrote:
>
> ‐‐‐‐‐‐‐ Original Message ‐‐‐‐‐‐‐
> On Monday, December 28, 2020 4:10 AM, Karl <[email protected]> wrote:
>
> ...
> > always sketchy when somebody says it's known who did an international
> > hack. implies either international hackers don't know how to actually
> > hide who they are, government security workers place blame too
> > readily, the public is being lied to, or the international security
> > communities are staring at each other all day, letting each other do
> > everything, only stopping it afterwards. or all of those, i suppose.
> > am i wrong?
>
>
> you're right. i should have said *most likely* china.
>
> the way they (industry) attribute hacks is multifaceted. some information
> comes from the exploits used, which give clues to nationality, past activity,
> and technical capability.
>
> the best hints are given by underlying infrastructure. if China builds an
> infrastructure to attack target X, Y, Z, then that same infrastructure
> attacks Q, you know that Q was attacked by China. (most likely :P

if a normal cracker thought of this, they would of course compromise somebody else's infrastructure and use that, as a norm. i think crackers think of things like that, if they are able to do them, which they usually are. back when i paid attention to things, random crackers were way more knowledgeable than government or corporate employees.

> the wikipedia page does a good job summarizing the evidence:
> """
> The overwhelming consensus is that the cyberattack was carried out by
> state-sponsored attackers for the Chinese government.[4] The attack
> originated in China,[6] and the backdoor tool used to carry out the
> intrusion, PlugX, has been previously used by Chinese-language hacking groups
> that target Tibetan and Hong Kong political activists.[4] The use of
> superhero names is also a hallmark of Chinese-linked hacking groups.[4]

when i found the trojans on the activist computers in west virginia around 2013, they were modified forms of a chinese trojan used for credit card theft, that didn't appear to be publicly documented. i'd never investigated a trojan much before. my perception was that crackers lived all over the world, and got paid very well. i don't know much about it.
