China rejects computer spy claims

China’s government on Tuesday dismissed a research report outlining an extensive spy network based mostly in China as “lies” designed to hurt the country’s image abroad.

Speaking to reporters, Foreign Ministry spokesman Qin Gang said the conclusions of the report by Canadian researchers were symptoms of a “Cold War virus” that causes people overseas to “occasionally be overcome by China-threat seizures.”

On Sunday, the Citizen Lab at the Munk Centre for International Studies at the University of Toronto released the report on a spy network, dubbed GhostNet, that it said had infiltrated at least 1,295 computers, including 103 belonging to embassies, foreign ministries and other government offices around the world.

The report, published after a 10-month investigation, found three out of the four servers in the network were based in China while a fourth was in the United States. Some of the IP addresses used by the hackers were traced back to Hainan Island, the location of China’s major signals and intelligence agency.

But Citizen Lab director Ron Deibert told CBC Radio’s Ottawa Morning that the attack could have been carried out by anyone, as the control servers were not set up securely.

Qin did not directly respond to questions about whether the network existed or if its actions were supported by the government, but instead defended his country’s record on fighting cybercrime.

“China pays great attention to computer network security and resolutely opposes and fights any criminal activity harmful to computer networks, such as hacking,” Qin said.

“Some people outside China now are bent on fabricating lies about so-called Chinese computer spies.”

The GhostNet investigation began after the authors were asked to look into allegations that the Chinese were hacking into computers set up by the Tibetan exile community. The researchers eventually found a much wider network of computers that had been infected by hackers with malware that allowed the hackers to gain control of the computers and look at all files.



As Conficker activation looms, scammers seek to profit off fear

Online scammers are trying to profit from fear of the latest big name in internet viruses by creating and promoting links to fake security software, according to security firms.

The scams are hoping to capitalize on consumer fear over the Conficker worm, a version of which is set to activate on April 1, 2009, according to internet security firms Trend Micro and F-Secure, among others.

Search requests on websites such as Google that include terms like “Conficker” and “Nmap” — an open-source scanning tool capable of detecting the worm — are coming up with links to ineffective security programs, according to the security firms.

F-Secure said one domain, registered on Monday, advertises a tool called MalwareRemovalBot that costs $39.95 but did not remove the worm in tests.

“If you need malware removal tools, type the URL of your vendor of choice directly into the browser bar and use links on their website,” wrote Trend Micro’s Rik Ferguson on Monday. “Do not rely on Google search results at this time.”

The Conficker worm, also known as the Downandup worm, has been spreading through the internet since the fall, and a group of internet groups and businesses led by Microsoft has offered a $250,000 US reward for information leading to the arrest of those responsible.

The latest variant of the worm, Conficker C, which was noticed in early March, is expected to on April 1 direct machines it has already infected to connect to 500 web URLs a day from a group of 50,000 in an effort to run an update program and possibly receive instructions.

Security experts have advised PC users to make sure their computers are not infected with the worm, but said they do not know what, if anything, will happen on April 1 beyond the C variant’s increased effort to connect for an upgrade.

Reported internet spy network just tip of iceberg: researcher

An internet spy network that targeted hundreds of “high value” computers belonging to government departments and other organizations in 103 countries is likely just one of many, says one of the Canadian researchers who uncovered it.

“We happened to discover and publicize this particular one. But you can safely guess that there are many of these going on,” said Ron Deibert, director of the Citizen Lab at the Munk Centre for International Studies at the University of Toronto Monday.

Facebook users warned about dangers of being app happy

Facebook users are being urged to be wary about what Facebook applications they accept and what links they click as cyber criminals increasingly target the popular social networking site.

In the past week, several new variants of the Koobface worm, which targets Facebook users, and a number of “rogue applications” have been reported on the site, the internet security firm Trend Micro reported. 

Facebook undergoes makeover to give users more choice

The popular online hangout Facebook is revamping its home page and plans other changes so its millions of users can more easily choose the types of information they see.

Perhaps taking a cue from Twitter, the rising service for letting people express themselves in 140 characters or less and keep up with what notables have to say, Facebook said Wednesday it will let users follow public figures like U.S. President Barack Obama and swimmer Michael Phelps, bands like U2 and even institutions like the New York Times.