Source: James T. Areddy, Wall Street Journal
WUHAN, China—Some of today’s biggest cybersecurity worries trace their roots to this central Chinese city, where a hacker with a junior high school education slapped cartoon pandas onto millions of computers to hide a destructive spy program.
The Panda Burns Incense computer worm, created by 27-year-old Li Jun, wreaked havoc for months in China in 2006 and 2007, eventually landing Mr. Li in jail. Jumping one computer to another by tricking users into opening what appeared to be a friendly email message, the Panda funneled passwords, financial information and online cash balances from game Web sites to Mr. Li’s cohorts—leaving a panda as its calling card.
When Google Inc. last month alleged that it and more than 20 other companies were breached in a cyberattack it traced to China, the attack, dubbed Aurora, appeared orders of magnitude more complex than the Panda attack. Unlike the Panda attack, which left a calling card and spread quickly and randomly, the perpetrators of Aurora targeted specific employees within the companies they attacked and went to great lengths to cover their tracks.
People’s Republic of Hacking
Published: February 19, 2010