NSCC hack : UPDATE !
We were able to talk to an account that claims to be "Flaming China" and responsible for the hack of the Chinese National Super Computer Center a few months ago.
Our first report relied mainly on information based on inspecting sample files and what has been posted on several dark web forums.
Eventually we got a hold of a contact on Telegram that has claimed to be the hacker that operates under the pseudonym “Flaming China" and is the main person responsible behind the 10 PB theft of data from the NSCC that includes classified material.
This is just a quick round up of what he has told us.
He confirms that is indeed about 10PB of data. “Flaming China” told us it took about six months to extract it.
Access was obtained via a compromised VPN domain controller. Eventually an extensive botnet was used to extract the data piece by piece. The same botnet also serves as a distributed storage system.
According to “Flaming China”, automatic integrity checks and re-download of corrupted datasets are possible as the setup still retains access to the NSCC data and can download data junks as
The dataset, according to the person we talked to, has not sold the data yet with negotiations still ongoing with several parties.
If any of his/her claims are true, is hard for us to confirm. But we have seen some screenshot of the node-storage setup of the botnet and it holds about the amount of data that “Flaming China” claimed to have stolen from the NSCC.
Though we did not obtain new datasets or sample data, besides what is already out there in the public. So, we can't make further judgement on what kind of additional data is in the dataset.
That is of course not irrefutable proof and we always recommend to take anything on this story with a grain of salt, but the overall details we received so far seem like that this operation is more in the realm of "real” than “fake".