Patchwork Hackers Target Chinese Research Organizations Using EyeShell Backdoor

<20230804234940.346BD56031B@emkei.cz>

https://www.novabbs.com/computers/article-flat.php?id=2745&group=comp.misc#2745

Subject: Patchwork Hackers Target Chinese Research Organizations Using EyeShell
Backdoor
From: Rea...@wtf.com (Really)
X-Priority: 3 (Normal)
Importance: Normal
Errors-To: Really@wtf.com
Reply-To: Really@wtf.com
Content-Type: text/plain; charset=utf-8
Message-Id: <20230804234940.346BD56031B@emkei.cz>
Date: Sat, 5 Aug 2023 01:49:40 +0200 (CEST)
Newsgroups: alt.security, alt.virus, comp.misc, talk.politics.misc,
soc.culture.china
Path: i2pn2.org!rocksolid2!news.neodome.net!news.mixmin.net!sewer!news.dizum.net!not-for-mail
Organization: dizum.com - The Internet Problem Provider
X-Abuse: abuse@dizum.com
Injection-Info: sewer.dizum.com - 2001::1/128
 by: Really - Fri, 4 Aug 2023 23:49 UTC

Threat actors associated with the hacking crew known as Patchwork have been spotted targeting universities and research organizations in China as part of a recently observed campaign.

The activity, according to KnownSec 404 Team, entailed the use of a backdoor codenamed EyeShell.

<https://thehackernews.com/2023/07/patchwork-hackers-target-chinese.html?m=1>

Re: Patchwork Hackers Target Chinese Research Organizations Using EyeShell Backdoor

<yfCcnUXDlJ-nOVD5nZ2dnZfqn_ednZ2d@earthlink.com>

https://www.novabbs.com/computers/article-flat.php?id=2747&group=comp.misc#2747

Path: i2pn2.org!rocksolid2!news.neodome.net!usenet.blueworldhosting.com!diablo1.usenet.blueworldhosting.com!peer01.iad!feed-me.highwinds-media.com!news.highwinds-media.com!Xl.tags.giganews.com!local-1.nntp.ord.giganews.com!nntp.earthlink.com!news.earthlink.com.POSTED!not-for-mail
NNTP-Posting-Date: Sat, 05 Aug 2023 01:22:02 +0000
Subject: Re: Patchwork Hackers Target Chinese Research Organizations Using
EyeShell Backdoor
Newsgroups: alt.security,comp.misc,talk.politics.misc,soc.culture.usa,alt.military
References: <20230804234940.346BD56031B@emkei.cz>
From: 23k...@bfxw9.net (23k.304)
Organization: feather germanium
Date: Fri, 4 Aug 2023 21:22:01 -0400
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:78.0) Gecko/20100101
Thunderbird/78.13.0
MIME-Version: 1.0
In-Reply-To: <20230804234940.346BD56031B@emkei.cz>
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Language: en-US
Content-Transfer-Encoding: 7bit
Message-ID: <yfCcnUXDlJ-nOVD5nZ2dnZfqn_ednZ2d@earthlink.com>
Lines: 12
X-Usenet-Provider: http://www.giganews.com
NNTP-Posting-Host: 68.212.127.105
X-Trace: sv3-64mYfD+H3Wrg+AWK89Lix+MdjEViECel7PAnOPGdLC7jNCS6MZQXkn2aHeGRE7EFcPMVO0Q6+jCu5nO!Tr7/fQwl23nQhaOXk8HIhUD+gbncGQCmEKfi5meU7dWHg+FhnHRntHEF+4Cd9p7H+8z9FW8NiHtl!FL51VJ81crSeXhpptPYSkw==
X-Abuse-and-DMCA-Info: Please be sure to forward a copy of ALL headers
X-Abuse-and-DMCA-Info: Otherwise we will be unable to process your complaint properly
X-Postfilter: 1.3.40
X-Received-Bytes: 2035
 by: 23k.304 - Sat, 5 Aug 2023 01:22 UTC

On 8/4/23 7:49 PM, Really wrote:
> Threat actors associated with the hacking crew known as Patchwork have been spotted targeting universities and research organizations in China as part of a recently observed campaign.
>
> The activity, according to KnownSec 404 Team, entailed the use of a backdoor codenamed EyeShell.
>
> <https://thehackernews.com/2023/07/patchwork-hackers-target-chinese.html?m=1>

Unfortunately, this sort of hacking seems to be a tit-4-tat
cyberwar with the Chinese. They WILL come back with something
of equal or greater impact ... PLUS they now KNOW about this
little trick. 'Patchwork' basically gave them the blueprints
to their stealth bomber ....

Re: Patchwork Hackers Target Chinese Research Organizations Using EyeShell Backdoor

<uaorf2$2egle$1@dont-email.me>

https://www.novabbs.com/computers/article-flat.php?id=2751&group=comp.misc#2751

Path: i2pn2.org!rocksolid2!news.neodome.net!news.mixmin.net!eternal-september.org!news.eternal-september.org!.POSTED!not-for-mail
From: no_em...@invalid.invalid (Oregonian Haruspex)
Newsgroups: comp.misc,alt.security,talk.politics.misc,soc.culture.usa,alt.military
Subject: Re: Patchwork Hackers Target Chinese Research Organizations
Using EyeShell Backdoor
Date: Sun, 6 Aug 2023 19:14:43 -0000 (UTC)
Organization: A noiseless patient Spider
Lines: 20
Message-ID: <uaorf2$2egle$1@dont-email.me>
References: <20230804234940.346BD56031B@emkei.cz>
<yfCcnUXDlJ-nOVD5nZ2dnZfqn_ednZ2d@earthlink.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Injection-Date: Sun, 6 Aug 2023 19:14:43 -0000 (UTC)
Injection-Info: dont-email.me; posting-host="0a1c9eea562a4620e47a8957f077ca3c";
logging-data="2572974"; mail-complaints-to="abuse@eternal-september.org"; posting-account="U2FsdGVkX18zvWZEe9UllR34ldVko7up"
User-Agent: NewsTap/5.5 (iPad)
Cancel-Lock: sha1:XG/aWBqWppKZE0gpBGiBWIVxVwo=
sha1:8gHR9OtKpfSSrCAPNHiulkP+V/c=
 by: Oregonian Haruspex - Sun, 6 Aug 2023 19:14 UTC

23k.304 <23k304@bfxw9.net> wrote:
> On 8/4/23 7:49 PM, Really wrote:
>> Threat actors associated with the hacking crew known as Patchwork have
>> been spotted targeting universities and research organizations in China
>> as part of a recently observed campaign.
>>
>> The activity, according to KnownSec 404 Team, entailed the use of a
>> backdoor codenamed EyeShell.
>>
>> <https://thehackernews.com/2023/07/patchwork-hackers-target-chinese.html?m=1>
>
> Unfortunately, this sort of hacking seems to be a tit-4-tat
> cyberwar with the Chinese. They WILL come back with something
> of equal or greater impact ... PLUS they now KNOW about this
> little trick. 'Patchwork' basically gave them the blueprints
> to their stealth bomber ....
>

Honeywell uploaded the F35’s blueprints to China actually.
