Wicked Rose
Wicked Rose is the pseudonym of a Chinese hacker responsible for developing the GinWui rootkit used in internet attacks during the summer of 2006. It has been suggested that he works for the Chinese Army.

Tan Dailin was a graduate student at Sichuan University when he was noticed (for attacking a Japanese site) by the People’s Liberation Army (PLA) in the summer of 2005. He was invited to participate in a PLA-sponsored hacking contest and won. He subsequently participated in a one-month, 16-hour-per-day training program where he and the other students simulated various cyber invasion methods, built dozens of hacking exploits, and developed various hacking tactics and strategies. He was chosen for the Sichuan regional team to compete against teams from Yunnan, Guizhou, Tibet, and Chongqing Military Districts. His team again ranked number one and he won a cash prize of 20,000 RMB.

Then, under the pseudonym Wicked Rose, he formed the Network Crack Program Hacker (NCPH) Group and recruited other talented hackers from his school. He found a funding source (an unknown benefactor) and started attacking US sites. After an initial round of successful attacks, his funding was tripled. All through 2006, NCPH built sophisticated rootkits and launched a barrage of attacks against multiple US government agencies. By the end of July, 2006, NCPH had created some 35 different attack variants for one MS Office vulnerability. During the testing phase, NCPH used Word document vulnerabilities. They switched to Excel and later to PowerPoint vulnerabilities. The result of all of this activity is that the NCPH group siphoned thousands, if not millions, of unclassified US government documents back to China.

The source of this article is Wikipedia, the free encyclopedia. The text of this article is licensed under the GFDL.
 