Liu Xiaobo

No limit to the length and breadth of phishing attacks on dissident writers

State security openly infiltrated the computers of dissident writer's network of friends

PUBLISHED : Sunday, 21 April, 2013, 12:00am
UPDATED : Sunday, 21 April, 2013, 4:39am

In the winter of 2009 to 2010, a mainland writer friend whose pen name is Zhao Dagong was arrested and detained by the security police. Zhao is vice-president and secretary of the Independent Chinese PEN Centre, a group of banned mainland writers whose president is Liu Xiaobo, the Nobel Peace laureate, currently serving an 11-year sentence for subversion.

Zhao suffered during Mao Zedong's Great Famine, surviving by eating the leaves and bark of trees, and other unpalatable food substitutes. It was an experience that led him to question his socialist education. In the 1990s, he published articles on the internet, many of them critical of the Communist Party. Two compilations of his essays have been published in Hong Kong.

Shortly after Liu was sentenced, police visited Zhao, who is used to being taken out of town "to drink tea" with them on significant anniversaries such as that of the June 4, 1989 crackdown, but this was different. According to his account after his release, 12 or 14 officers took all his computer equipment along with most of his library. He was held for two weeks and interrogated.

I did not know what to do except ask my friends to join Amnesty International's "urgent action" letter-writing campaign. But no news came and calls to the authorities went unanswered. His wife answered the phone, but did not want to talk. For days, I worried he would get a long prison term. Then, as suddenly as he had been taken, he was released, and I was overwhelmed with curiosity to know what had happened. I could not get through on the phone, but the next day I received an e-mail from his Gmail account, with a link to a blog post on his ordeal. I clicked the link, but there was no story. The next day an e-mail arrived from a new account, saying that his old e-mail had been hijacked. Two days later, a warning message told me to check my computer for a Trojan horse. And there it was.

According to Yu Du, the webmaster of the Independent Chinese Pen Centre, I was probably attacked by mainland network police. Presumably they had turned Zhao's computer over to their hacker colleagues, who had sent the bogus link to everyone on his mailing list. For 48 hours, they had had access to all my personal files.

"Why would they be interested in my personal information?" I asked. Yu replied: "Chinese police want to know everything."

Zhao said the hackers sent a lot of bogus e-mails and many of his friends were tricked into installing Trojans. Such was my introduction to the world of mainland state hacking. They presumably collected contacts, harvested e-mails and stole passwords, using these to engineer further phishing attacks and more deeply infiltrate dissident networks. It is likely that my information will be stored indefinitely.

The timing of the attacks left little doubt that this was the work of state security and there was no attempt to deny this. Thus it seems that within the Chinese-speaking world, it is accepted that hacking of party enemies is a fact of life. But the party's external enemies are only beginning to become aware.

Since then, Zhao's website has also been hacked, says the Google warning which appears when I try to access the site, and a virus has been installed. It has now been placed on a Google blacklist, Yu says. The virus enters the computers of anyone who visits the website, installing a Trojan that takes control.

Stephen Thompson is a Hong Kong-based journalist and IT consultant