Terracotta: The Chinese VPN that hides Beijing's hackers with pwned biz

A China-based virtual private network (VPN) provider is powering some of the world's most capable hacking crews by selling infrastructure access stolen from at least 30 hacked businesses, RSA says. The company, which RSA codenamed 'Terracotta VPN', claims to have 1500 mostly-Windows nodes from 300 organisations distributed …

  1. Anonymous Coward


    .. what a lovely list of arguments to declare those pesky VPNs suspect.

    Moreover, hacking businesses offers APT scum the cover of a non-blacklisted exit node through which to target organisations: A hacking team stands a better chance at maintaining covert reconnaissance of a target when the packets trace back to a benign company.

    The argument to make them even questionable for legitimate businesses.

    I'm not saying this isn't a legit report (and I'm glad they found this), I'm just hinting at the possibility that this may be used in a different way to what you expect.

  2. Anonymous Coward

    Right around the recipe I'd be using were I of the black hat bent. At least one level, if not several when possible, of indirection would be #1 on my list of things to do. I do hope everyone pays attention that doing this complicates that pesky attribution problem when it comes to pwning others' systems.

  3. Anonymous Coward

    Of those, 1095 are found in China, 572 in the US, two in Britain, and one in Australia.

    Okay, who has that dubious honour?

  4. Sanctimonious Prick
    Black Helicopters

    They Didn't Find...

    The ones in Canada and New Zealand. Maybe they did, but thought too many people would add 5 + 1?

  5. Tubz Bronze badge

    Any minute now, our braindead politicians will declare VPNs that they don't have backdoors to a security threat and ban them!

    1. Roo

      They've already declared that they don't like encryption because it somehow stops them from identifying & convicting kiddie fiddlers & terrorists. The fact that the terrorists & kiddie fiddlers were operating without encryption in and around Westminster for a few hundred years, and over the last few decades with mass surveillance in place doesn't actually seem to have made it as far as the public narrative yet.

  6. hjytemsah


    yes that's right
