Big month for Chinese hackers: US, Tor and VPN accessed

15 Jun 2015

Only a week after a major cybersecurity breach into US federal data was connected to a Chinese group, new claims have emerged linking the Chinese government to a bypass of Tor and VPN in its own country.

Tor is widely-used anonymity software, hiding a user’s computer whereabouts by bouncing its perceived location across locations all over the world.

According to The New York Times, a Chinese group has accessed the information of an unknown number of users of Tor in China by tracking people who were accessing websites “frequented by Chinese journalists as well as China’s Muslim Uighur ethnic minority”.

That a group has been accessing the details of Tor users will be a shock to many, as huge numbers of people rely on the anonymity provided by the software to greater protect their personal security.

“As long as visitors to those websites were also logged into one of 15 Chinese internet portals – including those run by Baidu, Alibaba and RenRen – the hackers were able to steal details of names, addresses, sex, birth dates, email addresses, phone numbers and even the so-called internet cookies that track other websites viewed by a user,” the report said.

Nobody locked the backdoor

The hackers are linked with the Chinese government due to the types of people targeted, as well as the claims that, to get around both Tor and VPN technology, attackers relied on a backdoor that top tech companies in the country failed to patch.

“Who else could be potentially interested in this information and go to such lengths? Who else would want to know who was visiting Uighur websites and reporters’ websites inside China?” said Jaime Blasco, a security researcher at AlienVault, a Silicon Valley security company. “There’s no financial gain from targeting these sites.”

Last week, details of a hack into the US Office of Personnel Management emerged, which was again linked to China.

A form that US security personnel fill in to gain security clearance was compromised, revealing very personal information about staff to the hackers.

The White House has a “high degree of confidence” that this information was among that hacked, while Joel Brenner, a former US counter-intelligence official, called the data a “gold mine” for hackers.

China hack image, via Shutterstock

Gordon Hunt was a journalist with Silicon Republic

editorial@siliconrepublic.com