Spams aren't always how they scheme
By now, most are aware that China has been mounting a years-long attack on US business and government systems. Newsweek was reporting on this in 2005. Here's another article from that period. At that point, our odd policy surfaced: an IT person at a government laboratory was able to track the "Titan Rain" group's exploits -- and wound up being fired and his security clearance revoked, even though he was working with authorities. It got more complicated, but...
In any event, there is another front in this war. On March 22 of this year, I got my first "Google AdWords" spam; a spam message pretending to be from Google wanting me to put in my bank account information so that they could "pay" me.
Roight.
I've subsequently received hundreds of these. But only today, when my
Lady_Anne and I were discussing this, did I track that the spam was from China. Every single one of the Google AdWords spam messages was from China, except the very first one identified as Paraguay (.PY) (which had an identical message from China six minutes later).
And every single one uses a different domain name, such as "frhjj02.cn" and "djieh3.cn" in otherwise identical messages sent two minutes apart -- which implies that they've used up uncountable millions of domain names. The campaign apparently started that week, as they quickly burned through "good" (i.e. particularly devious) names such as "selectelogin.cn".
I expanded my review -- and discovered that 16,207 of the spam messages I received that month -- about 15% -- came from China. (There was only the one that suggested Paraguay.) The title above is a line buried in one of these junkmails: "Things aren't always how they scheme."
Interesting. I wonder how much of this is sponsored and run by the Chinese military, as Titan Rain apparently is. Considering China's intense monitoring of its Internet activity (down to having guards watching over shoulders in Internet cafes), how could this be otherwise?
===|==============/ Level Head
In any event, there is another front in this war. On March 22 of this year, I got my first "Google AdWords" spam; a spam message pretending to be from Google wanting me to put in my bank account information so that they could "pay" me.
Roight.
I've subsequently received hundreds of these. But only today, when my
Lady_Anne and I were discussing this, did I track that the spam was from China. Every single one of the Google AdWords spam messages was from China, except the very first one identified as Paraguay (.PY) (which had an identical message from China six minutes later).
And every single one uses a different domain name, such as "frhjj02.cn" and "djieh3.cn" in otherwise identical messages sent two minutes apart -- which implies that they've used up uncountable millions of domain names. The campaign apparently started that week, as they quickly burned through "good" (i.e. particularly devious) names such as "selectelogin.cn".
I expanded my review -- and discovered that 16,207 of the spam messages I received that month -- about 15% -- came from China. (There was only the one that suggested Paraguay.) The title above is a line buried in one of these junkmails: "Things aren't always how they scheme."
Interesting. I wonder how much of this is sponsored and run by the Chinese military, as Titan Rain apparently is. Considering China's intense monitoring of its Internet activity (down to having guards watching over shoulders in Internet cafes), how could this be otherwise?
===|==============/ Level Head