【新唐人2014年09月03日訊】一款中國品牌的路由器存在的「後門程序」,最近被媒體曝光。通過這個「後門程序」,有心人士可上傳、下載路由器中的檔案,只要在網絡上輸入IP位址,便可輕易盜取電腦用戶的資料。
8月30號,中國境外網絡媒體「流動日報」報導,「趨勢科技病毒實驗室」(TrendLab) 28號發佈一份報告指出,中國業者「磊科」(Netcore)旗下的路由器產品含有後門,除了可導致路由器設定被更改外,還可能被植入更強的密碼,協助進行分散式阻斷服務攻擊,更會自動監視報告用戶在網上的一舉一動。
報導說,後門存在於53413埠上的開放UDP埠,「趨勢科技」使用ZMAP工具進行掃瞄,發現超過200萬個IP位址的UDP埠向全世界洞開,這些路由器絕大多數位於中國。
「磊科」產品在海外市場以「Netis」品牌銷售,「趨勢科技」研判,「Netcore」與「Netis」旗下的路由器都有後門存在。
網路技術專家立裡:「目前很多歐美的網絡服務商為了降低成本,用廉價的中國品牌的路由器,配置給他們的用戶,比如『華為』等,我知道荷蘭也是有很多公司是採用的,而且即便是台灣的品牌或其他國家的品牌,也大量是在中共國生產的,而這些軟件如果植入一些木馬後門,那非常容易的,發現起來又非常困難。」
有評論指出,中共培養的龐大網路部隊,除了攻擊境外網站獲取機密外,也通過多種途徑,盜取普通百姓的私人信息,監視民眾的言論。
推特網民「姑鶴」認為,中國所有的國產路由器都有後門,「姑鶴」家去年裝了光纖寬帶後,就發現了一個問題。
網民姑鶴:「它另外有一個帳號,這個帳號是路由器裡面管理員起的帳號。但是這個帳號叫甚麼名字,密碼是甚麼,根本就沒有告訴你。所以這個帳號有對路由器進行修改的權限。這個狀況已經明確的告訴你,這個路由器後門已經是公開的,我可以通過這個帳號進入你的機器,對你進行一些檢查、限制等等的活動。」
網民孫林的家被當局安裝了監控儀器,孫林透露,去年,他的路由器被植入後門。
網友孫林:「發現了我家裏一共來了,其中還有一個女的,她動用了我的電腦,並且把我的路由器裡邊設定了『不可翻牆』這個程序,導致了我一個蘋果路由器不能翻牆。它就是不擇手段,不僅僅是警方親自來動手腳,他還派特務來動手腳,我把它送到蘋果店裡,他們說已經沒辦法恢復,這個東西植入進去的手段非常高明。」
「壹傳媒」公司主席黎智英在最新一期的《壹週刊》撰文指出,7月1號,「壹傳媒」伺服器被黑客以每秒鐘1.43億個查詢狙擊,所有私人帳目、文件、公司電郵等全被盜取,隨後,他被揭發捐款給泛民議員及政團。
全球資訊自由網創辦人張新宇:「香港支持民運的『壹傳媒』的電腦被盜了,也是有這個情況。中共用大型銀河計算機,一秒鐘算幾億次那種快速計算機,來植入它的黑客,或者打開別人的後門,進行通訊。這個你防不勝防,是因為它有人力、物力,大量的人來做這件事情。」
據了解,中國通訊裝置生產商「華為」具中共解放軍背景及官方資金,外界普遍擔心,「華為」可能會透過技術或設定,竊取使用者資料。前年10月,美國眾議院發表報告,認定中國「華為」及「中興」可能會對美國國家安全構成威脅,將兩家企業擋在美國市場門外。前年3月,澳大利亞政府也禁止華為參與競爭國家寬帶網基礎設施建設項目。
張新宇:「中國的路由器是從硬件裡面,直接植入這種黑客,直接有一些外界不知道的程序植到裡面,所以中國的路由器,包括華為,最近美國不能用,就是說,它已經植入了一些東西,為它的政治目的來服務,所以誰也不敢用它。」
「趨勢科技」指出,對消費者而言,目前欠缺解決後門的資源,使用者也無法自行關閉後門,目前唯一的解決方式可能就是更換設備。
採訪/陳漢 編輯/陳潔
ALARMING: Routers Made in China Monitor Your Internet Activities
The “Backdoor Programming" in a Chinese brand router
was recently exposed by the media.
Through this “Backdoor Programming," files, trojans and hacks can
be uploaded and download via the router,
This makes it easy to steal data from computers
by entering the IP address on the network.
On August 30, overseas online media newmobilelife.com
reported that TrendLab published a report on August 28.
The report indicated that routers made by a Chinese company
Netcore have backdoor programming that change routers’ settings.
as well as installing coding to facilitate service attacks,
and monitoring and reporting users online activities.
The report indicated that the backdoor programming is
on the UDP.
TrendLab used ZMAP to scan and found two million
UDP IP addresses. Most of these routers are located in China.
Netcore’s products are sold overseas as the Netis brand.
TrendLab analaysed that both Netcore and Netis routers
have backdoor programming.
Online technology expert Li Li: “At present, many
European and American Internet service providers give
their customers cheap Chinese brands routers to reduce cost.
For example, I know many companies in the Netherlands
use products made by “Huawei."
Even Taiwanese brand products or brands of other countries
are made in communist China.
It is very easy to install backdoor coding to these products,
but very difficult to find out.
Commentators pointed out that the Chinese Communist Party
fosters a large and powerful online army to steal secrets from
overseas,
as well as steal personal information from Chinese citizens and
monitor their speech.
Twitter user Guhe thinks all routers made in China
have backdoor programming.
He found a problem when installing fiber wide band last year.
Gu He: “It had another account name,which was created by
the administrator of the router.
Nobody tells you what is the account name or the password.
This account has permission to modify the router.
The situation is clear that backdoor programming is open.
I can get into your machine through this account and
conduct monitoring and restriction activities, etc."
Netizen Sun Lin’s home had spying equipment installed in his
home by the authorities.
Last year, his router was installed with back-door programming.
Sun Lin: “They came to my home. One of them was a woman.
She worked on my computer and installed a program to
prevent “crossing the wall"in my router.
One of my Apple routers could not cross the firewall.
They used every means. They sent policemen and special agents
to work on my equipments.
I sent it to the Apple store. They told me that they could not
recover it. This means that the implant is very advanced."
Chairman of Next Media Jimmy Lai wrote in the
latest issue of Next Magazine that:
on July 1 Next Media server was attacked by hackers
at 143 million queries per second.
All private accounts, documents, company e-mails were stolen.
Later it was revealed that he donated money to
Pan-Democracy members and political groups.
World Wide Free Network founder Zhang Xinyu: “HK’s
pro-democracy supporter Next Media’s computers was hacked.
The CCP used “the galaxy supercomputer" to hack or open up
other’s computers at hundreds of millions of times per second.
It is hard for anyone to guard, because it has huge amounts of
human and material resources to do this."
It is understood that China’s communication device
manufacturers Huawei has the background and capital
from the People’s Liberation Army (PLA).
It is wide scale worry that Huawei might steal user’s data
through technology or configurations.
In October, 2012, U.S. House of Representatives issued a report
stating that:
China’s Huawei and ZTD might pose a threat to U.S. national
security and blocked the two companies outside the U.S. market.
In March, 2012, the Australian government also banned Huawei
to compete in the national broadband network infrastructure
construction projects.
Zhang Xinyu: “The hardware of China’s routers were
directly installed with hacker programming, which is unknown to
the outside world.
So Chinese routers, including Huawei’s products cannot be used
in the U.S. recently.
Because something was programmed into it for political purpose.
So no one dared to use it."
TrendLab pointed out to consumers that there is a lack of
resources to solve back-door programming.
Users cannot close the back door on their own.
The only possible solution is to replace the equipment.
Interview/ChenHan Edit/ChenJie