According to the CBC, a group of Canadians have discovered a massive espionage network based in China that has “pwned” the computers of governments and private organizations in 103 countries:
The researchers said the spy network, dubbed GhostNet, infiltrated at least 1,295 computers, many belonging to embassies, foreign ministries and other government offices, as well as the Dalai Lama’s Tibetan exile centres in India, Brussels, London and New York.
“Significantly, close to 30 per cent of the infected computers can be considered high-value and include the ministries of foreign affairs in Iran, Bangladesh, Latvia, Indonesia, Philippines, Brunei, Barbados and Bhutan,” the researchers said.
Other compromised computers were discovered at embassies of India, South Korea, Indonesia, Romania, Cyprus, Malta, Thailand, Taiwan, Portugal, Germany and Pakistan.
The list continues with the network infiltrating economic organizations in Southeast Asia, news organizations, and an unclassified computer located at NATO headquarters.
Although almost all the hackers were based in China, the researchers could not say whether they are working for the government.
Given that there’s very little that can be done in China without the approval of the government, it seems to me that it would be highly unlikely that the Chinese government isn’t somehow involved in this. But according to their sock puppet spokesperson, that’s not the case:
The spokesman, Wenqi Gao, told The New York Times these are “old stories” and “nonsense.”
Sure. As if we really expected you to say anything else.
In any case, the victims get malware installed on their computers via an e-mail. Once the malware has set up shop, the hackers have full control of the infected computers. They can look at e-mails and documents, and even turn on a webcam or microphone. Oh, by the way, there's currently no way for you to detect this malware.
I hope that the research team releases what it knows about this malware to anti-virus makers so that we can be fully protected against this threat. I also hope that serious attempts are made to bring this network down.
UPDATE: Meet the guys who discovered this threat. You can also get more details about how they got the 411 on this threat, including the use of a very elite tool to track down the hackers: Google.