cisrt.org having security related issues...
...so you link to the blog post
A recent post by the team at the Chinese Internet Security Response Team to their English-language site indicates that some of the site visitors are experiencing an attack from the CISRT.org site as a result of an injected IFRAME tag. Injected IFRAME tags are not a new means of using legitimate sites to launch attacks on …
With most of the malicious attacks on my own server originating in China, it comes as no surprise to find that visits to the Red Army's official "web security" site would be the trigger for even more malicious attacks.
It's typical of the sort of thing that prompted me to classify all Chinese IP space as "firewall on sight."
I completely agree. It's safe to say that anything operated from China, that's owned/operated by Chinese is really in cahoots with the PLA or State. Therefore, it's absolutely not surprising that such an mysterious event is occuring. And not only are the Chinese excellent in cyber crime, but their skill in Public Affairs and human manipulation are uncanny.
Oh, btw, I've also blocked all incoming/outgoing requests from Chinese IPs at my firewall... little buggers just can't be trusted. :)
First, sort out all the spam you've gotten recently. Say, the last 100 spams. A few minute's worth.
Now, find the URLs they link to. Granted, a few will be advertising phone numbers, etc, but ignore that for the moment as it's not many. Just sort out the URLs.
Now, whois.sc each one of them.
Count up the number that are hosted in the US.
Count up the number that are hosted in China.
And do please report back here. I'm interested to hear your findings.
For the terminally curious, when I did this a year or so back, out of 100 sites advertised, about 80 were hosted in China, 10 in Singapore/Korea/Taiwan/etc, and the rest between Russia (mostly), Brazil, and a couple of others. None in the US. Granted, most of those sites are *run* by Americans, and most spam ITSELF is from insecure US boxes (I believe) but without the infrastructure to actually deal with the traffic and host the e-commerce essentials, the spam would be worthless. And thanks to China, it's not.
"most of those sites are *run* by Americans" - but since they hijacked Chinese servers, it's China's fault !!
And if China didn't offer the infrastructure, it would be somebody else taking the blame. Anyone, except the poor Americans responsible for the whole mess in the first place.
This is one thread where we won't hear about how it was the US that invented the Internet !
Biting the hand that feeds IT © 1998–2020