No. 251 Eternal Red
While typing on the keyboard, the boss complained about the accident: "It's really killing me!"
A colleague asked, "Can we do it?"
The boss stepped out of the way: "Here you come."
A colleague approached and was surprised and said, "This is our virus."
Unlike Andrew, this colleague's team needs to frequently hack into servers in other countries, and is more familiar with hacker attack and defense techniques than Andrew; compared with his boss, who has left the front line of business, the colleague has more solid hacking skills and is familiar with the various specialized hacking tools of the Oahu Cryptography Center in Hawaii. Finding that the source of the alarm was actually his own worm, the colleague compared and analyzed the source code changes of the worm as quickly as possible: "The other party added more than 70 lines of code."
The boss stared at the screen: "Are you sure it's this?"
The colleague slid down to a note: "Look, that's what they're for."
Boss: "Are these symbols in Chinese?"
A colleague translated on his behalf: "'There_is_only_one_China.' There is only one Chinese country in the world, and the other side is obviously a patriot from China."
The boss does not understand Chinese, but he has a general understanding of the international relations between China and the United States, and he knows that whenever this sentence appears, it is probably because the Chinese feel that the United States has offended their sovereignty. Dejectedly scolding a damned patriot, the boss asked his colleagues and Andrew: "Does anyone know what's going on lately?"
The colleague shook his head and said he didn't know.
Andrew suddenly spoke: "I think it should be the Patriot missile incident."
Boss: "Patriot missiles?"
Andrew elaborated: "On January 6, the Department of Defense approved Lockheed Martin's implementation of the Bush administration's October 2008 announced arms sales to Wanwan and will sell Patriot missiles to Wanwan. Recently, there has been a lot of buzz among the Chinese people, and many script kids (Script_Kiddie, entry-level hackers) have claimed to hack into our government websites."
The boss wondered, "How do you know this?"
Andrew pursed his lips in embarrassment.
After hesitating for three or five seconds, Andrew Yunran explained: "I'm chasing Huaguo Network. I simply know a little Chinese, and with the help of Spring and Autumn Search Online Translation, I can barely read the original Chinese text. In order to catch up with the latest chapters in time, I simply went to their Huaguo terminal. In recent days, I have always seen people in the comment section swiping Patriot missile posts, and nationalist sentiments encouraging book lovers to boycott the United States."
The boss didn't ask any more questions, and said indignantly: "I'm going to hold the damned Chinese people responsible."
The Oahu Cryptography Center branch in Hawaii is responsible for counter-espionage operations against China, and hacker groups such as SpaceTime have frequently hacked into servers located in China. However, the boss exudes the arrogance of the world's largest power, and he never looks at Huaguo's counterattack with an equal consciousness. As far as Andrew knows, the process should be as follows: the boss determined that the intruder was a Chinese hacker group and reported it, and the Ministry of Defense either suppressed or attacked the Chinese government head-on, and then the Chinese government denied it as a matter of course, and the matter was closed.
Andrew actually knew that his boss said that holding the Chinese people responsible was just a conventional means of shirking responsibility: it was not the Oahu Cryptography Center branch in Hawaii that was slack, but the Chinese government sent the strongest hacker group. No, if it was only the script kid Xiao Xiaomi who captured the Oahu Cryptography Center Branch in Hawaii, and the fault was all due to the incompetence of his boss, he would definitely be removed from his post and investigated. Andrew understood his boss's thoughts, but there was one sentence he still had to say: "I think the other party may not be a Chinese hacker."
The boss looked at Andrew.
Andrew explained: "The Chinese annotations between the codes are obviously machine translated by Spring and Autumn Translation, which is different from the normal writing methods of Chinese people. Perhaps, the 'There_is_only_one_China' manifesto is intended to deliberately confuse us."
Boss: "It's not Chinese, so who is it?"
Andrew: "I don't know, we need..."
Boss: "We need them to be Chinese hackers."
Andrew: "?"
Boss: "They are Chinese hackers, so the Ministry of Defense can give us more funds, do you understand?"
Andrew understands.
However, some idealistic Andrew strongly disagreed with his boss's behavior of beating rabbits like bears, and retorted: "But..."
The boss roughly cut off Andrew's speech: "Do you dare to guarantee that they are not Chinese hackers? It's not impossible that the Spring and Autumn translation of Chinese is designed to confuse people with simple brains like you, who think that the members of this hacking group are not native Chinese speakers."
Andrew can't guarantee it.
The boss was angry, and left angrily: "I will never carry this black cauldron."
The colleague then left.
Before leaving, the colleague patted Andrew on the shoulder comfortingly, but did not speak.
The colleague knows more about the office politics of this little Oahu Cryptography Center branch in Hawaii than Andrew, and it's okay if there is no big problem this time, but if there is a big problem, it must be Andrew's fault. The boss said to his face that he didn't carry the black pot, and said that he had to be a Huaguo hacker in order to allocate more funds, which seemed brainless and stupid at first glance. Actually, it's all digging a pit and waiting for Andrew or Andrew's department to jump. If Andrew is idealistic and naïve, and recklessly attacks his boss for hastily judging the intruder as a Chinese hacker in order to ask for more funding from the Department of Defense, he will inevitably offend all the administrative officials of the Oahu Cryptography Center Branch in Hawaii in an instant, and there is no possibility of turning over.
Andrew didn't understand his colleague's thoughts, his thinking was still stuck in hacking, and seeing that his colleague was about to leave, he hurriedly asked: "How much do we lose?"
The colleague did not look back: "We are late in disconnection, and there are traces of downloading in the hacking tool library."
Andrew went on to ask: "Hacking tool theft?"
No one answered him anymore.
Colleagues have gone far.
……
Andrew's boss was right, and the intruder was indeed a Chinese hacker.
To be precise, it was Wei Dongsheng.
In addition to the Oahu Cryptography Center Branch in Hawaii, which manages SpaceTime, Wei Dongsheng also visited four or five hacker organizations affiliated with the NSA, including the Equation Group (Equation_Group), and downloaded a large number of hacking tools. The reason why the Oahu Cryptography Center Branch in Hawaii was able to discover Wei Dongsheng's invasion was not because they were very skilled, but because Wei Dongsheng showed a weak strategy, and when he left, he specially reminded them that he had been here.
If Wei Dongsheng shows that the U.S. government is incredibly powerful, any right-thinking organization will go to great lengths to find the core cause, thus compressing Wei Dongsheng's space for maneuver. If Wei Dongsheng only shows a strong ability, members of hacker organizations such as SpaceTime and Equation_Group will only mistake Wei Dongsheng for an opponent of their strength, a hacker of the Chinese national team or a hacker of the Russian national team, so as to avoid the United States using all national forces to search for clues about Wei Dongsheng.
Wei Dongsheng's counterattack strategy is actually very simple.
For 30 years, hacker group Shadow_Brokers claimed to have stolen a large number of NSA hacking tools, and in August 2016, they were put up for auction. After repeated unsuccessful auctions, the hacking group Shadow_Brokers unveiled a hacking kit from the Equation Group (Equation_Group) in April 2017. The following month, the WannaCry ransomware, based on the hacking tool Eternal Blue (Eternal_Blue), quickly exploded around the world, becoming the most far-reaching worm in more than a decade.
Wei Dongsheng's idea is to detonate the WannaCry ransomware crisis in advance.
When it comes to military confrontation exercises, the two sides often agree to name them the Red Army and the Blue Army respectively. Generally speaking, border defense exercises are mostly defended by the Red Army and attacked by the Blue Army; most of the littoral exercises were attacked by the Red Army and defended by the Blue Army. Of course, this arrangement is not absolute, and sometimes given the ideological background, the own army will always be red and the enemy army will always be blue during the exercise.
Considering that the outbreak point of this cyber war was on the island of Oahu, Hawaii, Wei Dongsheng respected conventions and customs, and judged that the Red Army would represent the attacking side. In that case, the name Eternal Blue is no longer appropriate. As a result, Wei Dongsheng fused several hacking tools together and renamed them Eternal Red (Eternal_Red), and renamed the ransomware virus WannaCry to WannaCry_Enhanced.
What Wei Dongsheng wants is not a secret hacker attack, but a major event that affects the international situation.
Therefore, before spreading the WannaCry_Enhanced ransomware virus, Wei Dongsheng still needs to be patient.
……
Although Wei Dongsheng's work torrent download or torrent download artifact has replaced the historical positioning of BitTorrent, The Pirate Bay (The_Pirate_Bay) is still the world's largest torrent server, and the only change is that the file suffix has changed from bittorrent to seed. In April 2009, a court in Stockholm, Sweden, sentenced The Pirate Bay founders to one year in prison and a fine of SEK 30 million for copyright infringement. The Pirate Bay's efforts dragged on until September 2009, and many broadband operators were forced to cut off The Pirate Bay's server network connections.
Now type in the URL of The Pirate Bay, and the homepage shows that it is missing.
At 0:00 on January 13, 2010, New York time, users of The Pirate Bay suddenly discovered that the home page of The Pirate Bay could be reopened without warning.
The new Pirate Bay homepage has just one image, one line of text, and one line of links.
The image is a middle finger pattern made of flames, as if expressing disdain for the Motion Picture Association of America (MPAA), the Recording Industry Association of America (RIAA) and other copyright organizations that are planning to ban it.
The text reads, "I am in your Skynet (I_am_ins_yours_skynets)."
The line of links opens a 7-zip archive with the password thepiratebay. Once the file is unzipped, it turns out to be the hacking kit Wei Dongsheng stole from the NSA: 72 practical hacking tools covering remote vulnerabilities for Unix, Linux, Windows, MacOS and other operating systems, tools to clear event logs, Cisco firewall vulnerabilities and more.