clock menu more-arrow no yes mobile

Filed under:

Tracking a Chinese hacker from the internet to the real world

New, 14 comments
via <a href=""></a>

In January 2012, Dell malware expert Joe Stewart was tracking Chinese malware purveyors when he made a breakthrough. As part of his work looking at compromised machines, he'd discovered a series of domains registered with the name "Tawnya Grilth" and a disposable Hotmail address. But one actually hosted a business and an email address with the common surname Zhang, and others led him to forums where the hacker posted about his interests. When Stewart dropped the trail, blogger "Cyb3rsleuth" picked it up, putting a full name, QQ messaging number, and even a potential face to the hacker. Zhang doesn't seem to be implicated in the recent newspaper hacks, nor would his unmasking do much to dismantle the larger problem. But the Bloomberg Businessweek story of Stewart's work is a fascinating example of where tiny breadcrumbs of information can ultimately lead.