People's Liberation Army Unit 61398 || kuro5hin.org


	create account \| help/FAQ \| contact \| links \| search \| IRC \| site news

Everything

We need your support: buy an ad | premium membership

People's Liberation Army Unit 61398

By N0574 in N0574's Diary
Tue Feb 19, 2013 at 07:27:17 AM EST
Tags: internet, hackers, YFI (all tags)

PLA. Unit 61398, aka 中国人民解放军61398部队...Highlights of the Mandiant Study

* APT1 is believed to be the 2nd Bureau of the People's Liberation Army (PLA) General Staff Department's (GSD) 3rd Department, which is most commonly known by its Military Unit Cover Designator (MUCD) as Unit 61398.
* APT1 has systematically stolen hundreds of terabytes of data from at least 141 organizations.
APT1 focuses on compromising organizations across a broad range of industries in English-speaking countries.
* APT1 maintains an extensive infrastructure of computer systems around the world.
* In over 97% of the 1,905 times Mandiant observed APT1 intruders connecting to their attack infrastructure, APT1 used IP addresses registered in Shanghai and systems set to use the Simplified Chinese language.
* The size of APT1's infrastructure implies a large organization with at least dozens, but potentially hundreds of human operators.
* In an effort to underscore that there are actual individuals behind the keyboard, Mandiant is revealing three personas that are associated with APT1 activity.
* Mandiant is releasing more than 3,000 indicators to bolster defenses against APT1 operations.

Lovely weather here in Burma these days, hope the sun shines on all kurons.
What's the word on MDC? He in jail or the loonie bin?

Sponsors

Managed Hosting
VoxCAST Content Delivery
Raw Infrastructure

People's Liberation Army Unit 61398 | 7 comments (7 topical, editorial, 0 hidden)

I heard this on the radio, MDC status: (none / 0) (#1)
by claes on Tue Feb 19, 2013 at 08:22:19 AM EST

coming in. It does point to the PLA and it's associated manufacturing units as being the largest organized crime syndicate the world has ever (or is likely to ever) see. I can't figure out where this is going -- protected walled gardens? How much is this for real? I guess I gotta check the firewall logs more often -- so far there hasn't been much, which may not be a good thing.

MDC is apparently in the loonie bin: http://www.kuro5hin.org/comments/2013/1/15/12949/8390/4#4. But that was a month ago.

it's funny how reddit also reminded me of MDC (none / 0) (#2)
by mirko on Tue Feb 19, 2013 at 08:56:51 AM EST

http://en.wikipedia.org/wiki/Caltech%E2%80%93MIT_rivalry

maybe he wore the wrong tshirt?
--
Finally I managed to make the decision that I would work on it. - MDC
we had to huddle together - trane

crawford literally means crow's ford by sye, 02/19/2013 02:50:52 PM EST (none / 0)

and people thought I was craxy (none / 0) (#3)
by Del Griffith on Tue Feb 19, 2013 at 09:08:35 AM EST

for straight up blocking china on the firewall, and using a custom build of openvpn, with altered crypto. sheesh.

I bet the old place is hacked to shit now.

-------
I...I like me. My wife likes me. My customers like me. Because I'm the real article. What you see is what you get. - Me

Crawford's in jale, not the loony bin (none / 0) (#4)
by Harry B Otch on Tue Feb 19, 2013 at 09:15:03 AM EST

He was arrested and booked over a month ago, and has had a series of pre-trial hearings while incarcerated in the San Luis Obispo county jale, where he still remains as of now.

A recent letter in MDC's own handwriting confirms this, and he is being treated very nicely by his guards and fellow inmates, and even receives occasional snack-packs.

-----

I'd send him shit by Del Griffith, 02/19/2013 10:34:32 AM EST (none / 0)

You could donate anonymously by Harry B Otch, 02/19/2013 11:10:37 AM EST (3.00 / 2)

People's Liberation Army Unit 61398 | 7 comments (7 topical, 0 editorial, 0 hidden)

All trademarks and copyrights on this page are owned by their respective companies. The Rest © 2000 - Present Kuro5hin.org Inc.
See our legalese page for copyright policies. Please also read our Privacy Policy.
Kuro5hin.org is powered by Free Software, including Apache, Perl, and Linux, The Scoop Engine that runs this site is freely available, under the terms of the GPL.
Need some help? Email help@kuro5hin.org.
My heart's the long stairs.