"Beijing complains it’s under relentless attack"
Oh, the poor little things.
Let me try and find a tear to shed . . . nope, none available.
China’s National Computer Virus Emergency Response Center on Thursday published a report in which it claims Taiwan targeted it with a years-long cyber offensive, backed by the USA, but which was so feeble Beijing compared it to an ant trying to shake a tree. In a report [PDF] titled “Operation Futile: Investigation …
I had a nothing Linux machine that was under relentless attack. No data of any value on it, just an experiment with Linux and some other programs, but it was hit with 60+ attempts to log in with every username you could think of with all sorts of passwords. Actually no user accounts to use could only attach from a physically attached keyboard. Used a program to drop connections if there were more than 4 failed attempts to log in. Didn't slow the attacks down one bit. Most of them had IP addresses that traced back to Russia, Brazil and a few other assorted places.
Yes, there are many botnets of hijacked BusyBox/Linux routers (many of them contain a telnet backdoor with no password, or a known password), which run a poorly programmed script that tries logging into GNU/Linux machines (or anything else with ssh) with weak username/password pairs (i.e. root/root) - as even a poorly executed attack as that, when run against random IPv4 addresses, will eventually uncover several dozen decently performant computers that can be hijacked for other purposes.
If you use openssh correctly for internet facing access and use a keyfile and in /etc/ssh/sshd_config set;
PasswordAuthentication no
UsePAM no
then such scripts cannot log in even if your login is root/root (but the scripts are so poorly programmed they will keep going even if they always get; "Permission denied (publickey)").
With a keyfile, such attacks will never succeed, but you do get logspam, which tools like sshguard and fail2ban can silence down to an only mildly annoying level (I would recommend a higher login fail rate than 4, as you will end up locking yourself out if you ever add another computer and fail to get the config right a few times).
If you want to silence all of such logspam, you'll need to choose a random non-default port (i.e. any result above 1000 in GNU bash; `echo $((RANDOM % 65535))`) and change in /etc/ssh/sshd_config
Port 22 -> Port 28406
>actually no user accounts to use could only attach from a physically attached keyboard
I suspect sshd is running, which would allow access with the right username and password if so configured - but you may want to stop and disable if you don't use ssh.
The concept of an IPv4 address tracing back to a country is bizarre, as it's just a number on any computer - although there are (often inaccurate) geoip mappings available.
Many such cases; https://www.gnu.org/gnu/gnu-users-never-heard-of-gnu.html
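An added example (not part of the comment above, and not OpenSSH code): sshd uses the first value it reads for most keywords, so appending `PasswordAuthentication no` below an existing `yes` changes nothing. This sketch audits the global section of a config for the three settings mentioned in the post; the sample config and function names are constructed, and `Include` files are not followed.

```python
# Upstream OpenSSH defaults when a keyword is absent (distro configs often differ).
DEFAULTS = {"passwordauthentication": "yes", "usepam": "no"}

# Constructed sample: hardening appended below the lines it was meant to replace.
SAMPLE = """\
Port 22
PasswordAuthentication yes
UsePAM yes
# admin added this later, at the bottom:
PasswordAuthentication no
Match User backup
    PasswordAuthentication yes
"""

def effective_settings(text):
    """Return (global settings, listening ports, settings inside Match blocks)."""
    settings, ports, match_overrides = {}, [], []
    match_ctx = None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        parts = line.split(None, 1)
        key = parts[0].lower()                  # keywords are case-insensitive
        value = parts[1].strip() if len(parts) == 2 else ""
        if key == "match":
            match_ctx = value                   # everything below is conditional
        elif match_ctx is not None:
            match_overrides.append((match_ctx, key, value))
        elif key == "port":
            ports.append(int(value))            # Port may legitimately repeat
        else:
            settings.setdefault(key, value)     # first obtained value wins
    return settings, ports or [22], match_overrides

def audit(text):
    """List the ways a config falls short of the setup described in the post."""
    settings, ports, overrides = effective_settings(text)
    eff = {**DEFAULTS, **settings}
    findings = []
    if eff["passwordauthentication"].lower() != "no":
        findings.append("PasswordAuthentication is effectively enabled")
    if eff["usepam"].lower() != "no":
        findings.append("UsePAM is effectively enabled")
    if 22 in ports:
        findings.append("listening on default port 22 (expect log spam)")
    for ctx, key, value in overrides:
        if key == "passwordauthentication" and value.lower() != "no":
            findings.append(f"Match {ctx} re-enables PasswordAuthentication")
    return findings

if __name__ == "__main__":
    print("\n".join(audit(SAMPLE)))
```

On a live host, `sshd -T` prints the configuration sshd actually resolves, including included files.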
You realise that headline was made by the Register. Meanwhile China are using the "your attempts are pitiful" line, which is in stark contrast to the west's "made in china = spying" broader narrative.
It is interesting how different regions and entities describe the same thing. I imagine Chinese media will also be using the "Washington moans it's under relentless attack by Chinese peasants" type of line.
They have the Communist youth league with 89 million members, used for mass spamming whenever someone writes something negative about PRC. Then you have the 50 cent army (wu mao) with employees, they have become a rather sophisticated outfit and run pro Chinese propaganda in social media (they also control paid western actors on, for example, YouTube).
The USA used all kinds of tactics through history; deception is one of them. The UFO situation where authorities deceived their own employees is fresh to mind. Whenever intel is mixed in, false flag ops have always existed. Transmitters spewing false messages to confuse the enemy and make it waste its time. Even attacking themselves by jamming their own signals to further confuse everyone was common. That the USA are hacking themselves to look like victims and falsely accuse is par for the course. Deception is nothing new.