An American computer security company released an explosive report Tuesday linking a Chinese military unit to a growing number of cyber attacks against American companies, organizations and government agencies.
But some of those connections — including profiles of the individual hackers in China — could not have been made without the work of the hacker group Anonymous, according to the report by the security firm Mandiant.
Security researchers and government officials have long claimed that China is behind a growing number of cyber attacks against American computer networks, a charge that China has repeatedly denied. But Mandiant’s 73-page report was unusual in its level of detail, going so far as to profile the identities of three hackers who are believed to be working for the Chinese military. Mandiant said it was able to find connections between two of those hackers and China’s People’s Liberation Army by relying on public data first revealed by the hacker group Anonymous.
In February 2011, Anonymous gained access to the website rootkit.com — an online forum where hackers and researchers share information about hacking techniques — and published personal data of more than 40,000 registered users online. The data included email and IP addresses.
The breach was one of dozens by Anonymous over the past two years and gained relatively little media attention. But now, two years later, security researchers say the data was valuable in helping them find links between hackers and the Chinese military.
“We are fortunate to have access to the accounts disclosed from rootkit.com,” the Mandiant report said.
Anonymous’ disclosure of the rookit.com information included an email and IP address for the username “uglygorilla.” The IP information, which identifies the location from which the user is accessing the Internet, pinned the hacker to a place close to a 12-story office tower in Shanghai that researchers believe is the headquarters of P.L.A. Unit 61398 — cyber warriors for the Chinese military.