Computer experts are investigating claims a worm that brought global Internet traffic to a halt over the weekend might have originated from a Hong Kong hacker group known as the Honkers.
The Sapphire worm, also identified variously as “SQL Slammer Worm” or “W32.SQLExp.Worm,” first surfaced Saturday and crashed most Internet servers in South Korea. It has since spread to servers around the world, severely slowing down and in some cases crashing services such as Web-browsing, data-base access, e-mails and thousands of Bank of America ATM machines in the U.S.
Networks from Asia to Europe and America were hit by what experts say is the worst outbreak since the Code Red virus disrupted Internet traffic two years ago.
U.S. experts and the FBI’s National Infrastructure Protection Center had found the worm contained references in its code to the Honker group, a Chinese hacker group believed to be active on the mainland and possibly Hong Kong.
However, most experts agree it is easy to hide identities and the references might have been put in there to mislead investigators.
The Honker Union of China, a group of self-styled patriotic Chinese, has claimed responsibility for an attack on the White House’s official website and hundreds of U.S. government and company portals and webpages since 2001.
It has been denounced by the Chinese government for worsening Sino-U.S. relations. Yet some intelligence experts believe that may be only a cover for Beijing-sponsored activity.
WorldNetDaily reported last year the Chinese military is preparing to launch new “exploratory” cyber-attacks against U.S. defense and civilian computer networks and systems as part of Beijing’s continuing efforts to level the playing field against the American military.
Three hacker groups participated in a cyber-attack four years ago while the Chinese government, at the very least, looked the other way: the Hacker Union of China, China Eagle and the Green Army Corps. The Hacker Union was credited with about half of the defacements.