Paulmd199

Paul D · @Paulmd199

20th Apr 2014 from TwitLonger

Codenames associated with the Sino-American Cyberwar.

Yes, we steal each other's shit, all the time.

TITAN RAIN – see http://en.wikipedia.org/wiki/Titan_Rain (redubbed BYZANTINE HADES) https://wikileaks.org/gifiles/docs/10/100078_suggested-read-vf-enter-the-cyber-dragon-.html

BYZANTINE HADES (BH) – A concerted effort against Chinese hackers. It now has a new name, probably containing the word “LEGION”.
BYZANTINE ANCHOR (BA) – Codename for a specific group of Chinese hackers. Includes a suspected subgroup of hackers dubbed “Javaphile”, a leader of which was Yinan Peng. Compromised multiple US government and defense contractor systems since 2003. https://wikileaks.org/plusd/cables/09STATE29816_a.html

BYZANTINE CANDOR (BC) – Codename for a specific group of Chinese hackers. Compromised a US-based ISP and at least one US government agency (got a complete list of usernames and passwords). https://wikileaks.org/plusd/cables/08STATE116943_a.html#efmGTFGXu
BYZANTINE FOOTHOLD (BF) – Codename for a particular group of Chinese hackers who attacked iBahn, HP, Xerox, Volkswagen and Yahoo!. Also attacked by BF groups: ISPs in Canada, Switzerland, Bangladesh, Venezuela, and Russia. Favorite tactic involves spear-phishing. Estimated size is several dozen to 100+ members. https://wikileaks.org/gifiles/docs/16/1628884_china-us-csm-china-based-hacking-of-760-companies-shows.html

LEGION JADE – Codename for a specific group of Chinese hackers. Codename appears only on a slide fragment in the Petrobras video.
LEGION RUBY – Codename for a specific group of Chinese hackers. Codename appears only on a slide fragment in the Petrobras video.
LEGION AMBER – Codename for a specific group of Chinese hackers. These hackers attacked a large US-based software firm in 2012, and gained enough control of its network to modify source code. http://books.google.com/books?id=cv3qAgAAQBAJ&pg=PT232&lpg=PT232&dq=%22LEGION+AMBER%22+NSA&source=bl&ots=IvSqQhuHdU&sig=_oIQHii99XWiZC1OhMqn0FLfhJU&hl=en&sa=X&ei=FGZTU5jQAcqryATwj4HYCw&ved=0CCYQ6AEwAA#v=onepage&q=%22LEGION%20AMBER%22%20NSA&f=false
LEGION YANKEE – Codename for a specific group of Chinese hackers. These hackers attacked several defense contractors and the Pentagon. http://books.google.com/books?id=cv3qAgAAQBAJ&pg=PT232&lpg=PT232&dq=%22LEGION+AMBER%22+NSA&source=bl&ots=IvSqQhuHdU&sig=_oIQHii99XWiZC1OhMqn0FLfhJU&hl=en&sa=X&ei=FGZTU5jQAcqryATwj4HYCw&ved=0CCYQ6AEwAA#v=onepage&q=%22LEGION%20AMBER%22%20NSA&f=false

SHOTGIANT – Codename for a massive joint NSA/CIA operation to hack Huawei. This included spying on its leaders, completely infiltrating its networks and stealing the source code for its products.

TURBOPANDA – Joint CIA/NSA effort to exploit Huawei network equipment.
HAMMERMILL Insertion Tool (HIT) – Command and control system, designed by DNT for exploited Huawei routers.
HALLUXWATER – Firmware-based malware for Huawei network equipment.
HEADWATER – Software-based persistent backdoor for certain Huawei routers. Controlled via HAMMERMILL Insertion Tool (HIT).
