Japan IT Forums

Noon July 27, Ruixing "Cloud security" system successfully intercepted a hacker group to the "Rising Card" website trojaned, Ruixing immediately to repair the site and compiling the server, the current network can be a normal visit to Kakadu. Ma page has been pegged at Kaka Ruixing Network (www.ikaka.com), visit to the crowd for the Rising users, because software is fully capable of rising to intercept this attack linked to horse and to prevent Trojan horse virus download, please the majority of users no need to panic.

Rising engineers believe that this is an obvious act of retaliation against malicious hacker groups, as the Rising "Cloud security" system to monitor and intercept a comprehensive horse web site linked to attacks by hackers getting money off a gang Web site has been rising in the attack. Since early July, the use of a hacker group is located at 118.123.11.29 (agent address) on the server site Ruixing continuous scanning, looking for the entrance of the attack.

Rising relevant information has been reported to the public security sector, and warned the group pull back from the brink, and stop as well as other sites on the Rising attacks.

Rising Internet hackers attack and defense laboratory of the organization named as "X group", since the beginning of June, Ruixing engineer with the "X group" over-round play has been published through the card three communities in the invasive group Web site log analysis to help webmasters to make up for dozens of loopholes to guard against such attacks. In addition, engineers also adopted Rising "Cloud security" system "X group" attacked the close follow-up information at any time, at any time to use the proxy server IP address and linked to accession to the blacklist Ma, so that even if the fall of a number of sites implantation of the virus, users visit the site to intercept anti-virus software will also be entirely possible to ensure that the user will not be poisoned.

According to Simon, "clouds security" system data, "X group" to enter in July has been attacked more than 200 websites, government websites, college-oriented Web sites and entertainment sites, including victims of users of a government portal, procuratorate and public security Web site. The groups are usually the first victims to use a puppet to the website server sniffer, scanning and penetration, and then injected to obtain the use of SQL server permissions, and then linked to the MA website address embedded in Web pages, so that when users access to the victim site, will be Trojan invasive procedures.

July 21 only the day, the gang has used on 59.54.54.92 and the IP address 118.123.11.29 two server attacks, and even the former is located in Jiujiang, Jiangxi Telecom IDC server room, usually such a server computing power, but also IDC is also the engine room of the bandwidth, and powerful attack capability. Through a large number of scanning and sniffing, the group finally Kaka smaller site visit channel page to find the weak points of their attacks have been injected. Fortunately, the timely discovery, and the Rising antivirus software has been able to block the malicious URL embedded in order to make the attack did not affect ordinary users too.

At present, Rising has gathered a great deal of evidence, including the use of the group server address, IP, the list of attack sites, the number of victims of users, and these data have been reported to law enforcement agencies. Waiting for the group and will be the fate of destruction.