Full Disclosure mailing list archives

[yusufg () outblaze com: Re: Possible source of worm..]

From: Len Rose <len () netsys com>
Date: Mon, 27 Jan 2003 05:53:21 -0500

----- Forwarded message from Yusuf Goolamabbas <yusufg () outblaze com> -----

Delivered-To: nanog-outgoing () trapdoor merit edu
Delivered-To: nanog () trapdoor merit edu
Delivered-To: nanog () nanog org
Date: Mon, 27 Jan 2003 18:48:19 +0800
From: Yusuf Goolamabbas <yusufg () outblaze com>
To: nanog () nanog org
Subject: Re: Possible source of worm..
In-Reply-To: <20030127050913.B2830 () netsys com>
User-Agent: Mutt/1.4i
X-AntiVirus: checked by Vexira MailArmor (version: 2.0.1.6; VAE: 6.17.0.2; VDF: 6.17.0.19; host: corpmail.outblaze.com)
Precedence: bulk
Errors-To: owner-nanog-outgoing () merit edu
X-Loop: nanog

According to the South China Morning Post: http://www.scmp.com 

"Roy Ko Wai-tak of the Hong Kong Computer Response Team says his team
is tracing the source of the Sapphire worm, which is believed to have
come from Asia, maybe even Hong Kong." - Ricky Chang

I can't get access to the news article, seemingly you have to have
premium access.


I have access to this article, some interesting paragraphs 

<quote>
The Washington Post reported on Sunday US experts and FBI's National
Infrastructure Protection Centre had found the worm contained references
in its code to the Honker group, a Chinese hacker group believed to be
active on the mainland and possibly Hong Kong.

However, most experts agree it is easy to hide identities and the
references might have been put in there to mislead investigators.

The Honker Union of China, a group of self-styled patriotic Chinese, has
claimed responsibility for an attack on the White House's official Web
site and hundreds of US government and company portals and Web pages
since 2001.

It has been denounced by the Chinese government for worsening Sino-US
relations. No one from the Honker group has been identified or arrested
so far. 
</endquote>

-- 
Yusuf Goolamabbas
yusufg () outblaze com

----- End forwarded message -----
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Current thread:

[yusufg () outblaze com: Re: Possible source of worm..] Len Rose (Jan 27)
- The worm author finally revealed! Solar Eclipse (Jan 28)
  - Re: The worm author finally revealed! Stephen Menard (Jan 28)
  - Re: The worm author finally revealed! martin f krafft (Jan 29)
    - Re: The worm author finally revealed! solareclipse (Jan 29)
    - Re: The worm author finally revealed! Michael Renzmann (Jan 29)
    - Re: The worm author finally revealed! Blue Boar (Jan 29)
    - Re: The worm author finally revealed! Henrik Lund Kramshøj (Jan 31)
    - Re: The worm author finally revealed! Simon Richter (Jan 31)
  - Re: The worm author finally revealed! pch (Jan 29)
  - Re: The worm author finally revealed! xbud (Jan 29)