China issues safety warning for its nationals studying in the Philippines
The brief warning Friday did not identify any specific incidents but told students to increase their safety awareness should they choose to study in the Philippines. The number of Chinese students in the country was not given but enrolments have fallen to just a few hundred in recent years, according to the Hong Kong newspaper South China Morning Post.
Hashtags
Try Our AI Features
Explore what Daily8 AI can do for you:
Comments
No comments yet...
Related Articles
WIRED
an hour ago
- WIRED
How China's Patriotic ‘Honkers' Became the Nation's Elite Cyber Spies
Jul 18, 2025 11:28 AM A new report traces the history of the early wave of Chinese hackers who became the backbone of the state's espionage apparatus. Photo-illustration: Jacqui VanLiew; Getty Images In the summer of 2005, Tan Dailin was a 20-year-old grad student at Sichuan University of Science and Engineering when he came to the attention of the People's Liberation Army of China. Tan was part of a burgeoning hacker community known as the Honkers—teens and twenty-somethings in late-90s and early-00s China who formed groups like the Green Army and Evil Octal, and launched patriotic cyberattacks against western targets they deemed disrespectful to China. The attacks were low-sophistication—mostly web site defacements and denial-of-service operations targeting entities in the US, Taiwan, and Japan—but the Honkers advanced their skills over time, and Tan documented his escapades in blog posts. After publishing about hacking targets in Japan, the PLA came calling. Tan and his university friends were encouraged to participate in a PLA-affiliated hacking contest and won first place. The PLA invited them to an intense, month-long hacker training camp, and within weeks Tan and his friends were building hacking tools, studying network infiltration techniques, and conducting simulated attacks. The subsequent timeline of events is unclear, but Tan, who went by the hacker handles Wicked Rose and Withered Rose, then launched his own hacking group—the Network Crack Program Hacker (NCPH). The group quickly gained notoriety for winning hacking contests and developing hacking tools. They created the GinWui rootkit, one of China's first homegrown remote-access backdoors and then, experts believe, used it and dozens of zero-day exploits they wrote in a series of 'unprecedented' hacks against US companies and government entities over the spring and summer of 2006. They did this on behalf of the PLA, according to Adam Kozy, who tracked Tan and other Chinese hackers for years as a former FBI analyst who now heads the SinaCyber consulting firm, focused on China. Tan revealed online at the time that he and his team were being paid about $250 a month for their hacking, though he didn't say who paid or what they hacked. The pay increased to $1,000 a month after their summer hacking spree, according to a 2007 report by former threat intelligence firm VeriSign iDefense. At some point, Tan switched teams and began contracting for the Ministry of State Security (MSS), China's civilian intelligence agency, as part of its notorious hacking group known as APT 41. And in 2020, when Tan was 36, the US Justice Department announced indictments against him and other alleged APT 41 members for hacking more than 100 targets, including US government systems, healthcare organizations, and telecoms. Tan's path to APT 41 isn't unique. He's just one of many former Honkers who began their careers as self-directed patriotic hackers before being absorbed by the state into its massive spying apparatus. Not a lot has been written about the Honkers and their critical role in China's APT operations, outside of congressional testimony Kozy gave in 2022. But a new report, published this month by Eugenio Benincasa, senior cyber defense researcher at the Center for Security Studies at ETH Zürich university in Switzerland, expands on Kozy's work to track the Honkers' early days and how this group of skilled youths became some of China's most prolific cyber spies. 'This is not just about [Honkers] creating a hacker culture that was implicitly aligned with national security goals,' Benincasa says, 'but also the personal relations they created [that] we still see reflected in the APTs today.' Early Days The Honker community largely began when China joined the internet in 1994, and a network connecting universities and research centers across the country for knowledge-sharing put Chinese students online before the rest of the country. Like US hackers, the Honkers were self-taught tech enthusiasts who flocked to electronic bulletin boards (dial-up forums) to share programming and computer hacking tips. They soon formed groups like Xfocus, China Eagle Union, and The Honker Union of China, and came to be known as Red Hackers or Honkers, a name derived from the Mandarin word 'hong,' for red, and 'heike,' for dark visitor—the Chinese term for hacker. The groups were self-governing with loosely formed hierarchies and even had codes of ethics shaped by influential members like Taiwanese hacker Lin Zhenglong (known by his handle 'coolfire'). Lin believed hacking skills should be cultivated only to strengthen cyber defenses— to learn the ways of hackers in order to thwart them—and wrote an influential hacking manual 'to raise awareness about the importance of computer security, not to teach people how to crack passwords.' There were no simulated environments for hackers to build their skills at the time, so Honkers often resorted to hacking real networks. Lin didn't oppose this—hacking wasn't illegal in China except against government, defense, or scientific research networks—but he published a set of ethical guidelines advising hackers to avoid government systems or causing permanent damage and to restore systems to their original condition after Honkers finished hacking them. But these guidelines soon fell away, following a series of incidents involving foreign affronts to China. In 1998, a wave of violence in Indonesia broke out against ethnic Chinese there, and outraged Honker groups responded with coordinated website defacements and denial of service attacks against Indonesian government targets. The next year, after Taiwanese president Lee Teng-hui announced his 'Two-States Theory' challenging the Communist Party's "One China" doctrine, the Honkers defaced Taiwanese government sites with patriotic messages asserting the existence of a unified China. In 2000, after participants at a conference in Japan denied facts around the Nanjing Massacre, in which an estimated 300,000 Chinese were killed during Japan's 1930's occupation of the city, Honkers circulated a list of more than 300 Japanese government and corporate sites, along with email addresses of Japanese officials, and prompted members to target them. The so-called patriotic cyberwars gave the Honkers a common cause that forged an identity unique from western hacking groups, which the Honkers had emulated until then. Where western hackers were primarily motivated by curiosity, intellectual challenge, and bragging rights, the Honkers bonded over their common cause to help China 'rise up.' In the words of a China Eagle Union pledge, the Honkers vowed 'to put the interests of the Chinese nation above everything else.' The patriotic wars put China's Honkers on the map and inspired more to join them. Honker Union swelled to an estimated 80,000 members, Green Army to 3,000. Most were just enthusiasts and adventure seekers, but a subset stood out for leadership and hacking skills. A particularly influential group among these, whom Benincasa calls the Red 40, would go on to found or join many of China's top cybersecurity and tech firms and become integral to the state's cyberspy machine. There's no evidence that the government directed the patriotic hacking operations, says Benincasa, but their activity aligned with state interests, and they drew government attention. A retired PLA rear admiral and former professor at the PLA National Defense University praised their patriotism. The public also appeared to support it. A report claimed that 84 percent of internet users in China favored the patriotic hacking. But in April 2001, this began to change after a Chinese fighter jet clipped a US reconnaissance plane mid-air off the coast of Hainan and sparked an international incident. The collision killed the Chinese pilot and forced the US plane to land on Hainan, where the Chinese military seized the aircraft and held the crew for more than a week. The incident stoked nationalist sentiments among US and Chinese hackers alike, and both sides lobbed cyberattacks against the other country's systems. The Chinese government grew concerned over its lack of control of the Honkers and feared they could become a liability and escalate tensions. The Chinese Communist Party's official newspaper likened the hacking to "web terrorism,' and the head of the Internet Society of China issued a statement through China's official state media condemning it as well. The retired PLA rear admiral who previously praised the groups now warned they were a threat to international relations. The Honkers got the message, but with their patriotic mission shelved, the groups now became less cohesive. There were leadership clashes and disagreements over direction and priorities—some wanted to turn professional and launch cybersecurity companies to defend China's systems against attack, others wanted to go rogue and sell malicious tools. The former left to join tech firms like Baidu, Alibaba, and Huawei or cybersecurity firms like Venustech and Topsec. Some became entrepreneurs and launched their own security firms, like NSFocus and Knownsec, which became leaders in vulnerability research and threat intelligence. Some, however, shifted to cybercrime. And others, like Tan, became contract hackers for the PLA and MSS, or founded firms that served these operations. Honker Recruitment According to Benincasa, the PLA and MSS began hiring Honkers around 2003, but the recruitment became more structured and earnest following the 2006 hackings attributed to NCPH and Tan. The recruitment expanded during and after the 2008 Beijing Olympics, and was likely helped in 2009 with the passage of China's Criminal Law Amendment VII, which criminalized unauthorized intrusions into any network as well as the distribution of hacking tools. Hacker forums began to shutter, and some Honkers got arrested. Word spread that Tan was among them. According to Kozy, Tan faced seven and a half years in prison, though it's unclear if he served any time. Kozy believes he cut a deal and began work for the MSS. In 2011, it appears he launched an antivirus firm named Anvisoft, which may have served as a front for his MSS work. Former Honkers Zeng Xiaoyong (envymask) and Zhou Shuai (coldface) also became contractors for the PLA and MSS and worked on operations conducted by APT 41, APT 17, and APT 27, according to Benicassa. Some worked through shell companies, others worked through legitimate firms who acted as intermediaries to the intelligence services. Topsec and Venustech were two firms alleged to have assisted these efforts. Topsec employed a number of former Honkers, including the founder of the Honker Union of China, and Topsec's founder once acknowledged in an interview that the PLA directed his company. In 2015, Topsec was linked to state-sponsored cyber operations, including the Anthem Insurance breach in the US. Over the years, many tools used by China APT groups were built by Honkers, and the PLA and MSS mined them for vulnerability research and exploit development. In 1999, Huang Xin (glacier), a member of Green Army, released 'Glacier,' a remote-access trojan. The next year, he and Yang Yong (coolc) from XFocus released X-Scan, a tool to scan networks for vulnerabilities that is still used by hackers in China today. In 2003, two members of Honker Union released HTRAN, a tool to hide an attacker's location by rerouting their traffic through proxy computers, which has been used by China's APTs. Tan and fellow NCPH member Zhou Jibing (whg) are believed to have created the PlugX backdoor in 2008, which has been used by more than 10 Chinese APTs. According to Benincasa, Zhou developed it even further to produce ShadowPad, which has been used by APT 41 and others. Over the years, leaks and US indictments against former Honkers have exposed their alleged post-Honker spy careers, as well as China's use of for-profit firms for state hacking operations. The latter include i-Soon and Integrity Tech, both launched by former Honkers. Wu Haibo (shutdown), formerly of Green Army and 0x557, launched i-Soon in 2010. And last year, someone leaked internal i-Soon files and chat logs, exposing the company's espionage work on behalf of the MSS and MPS. In March this year, eight i-Soon employees and two MPS officers were indicted by the US for hacking operations that targeted US government agencies, Asian foreign ministries, dissidents, and media outlets. Integrity Tech, founded in 2010 by former Green Army member Cai Jingjing (cbird), was sanctioned by the US this year over ties to global infrastructure hacks. This year, the US also indicted former Green Army members Zhou and Wu for conducting state hacking operations and sanctioned Zhou over links to APT 27. In addition to engaging in state-sponsored hacking, he allegedly also ran a data-leak service selling some of the stolen data to customers, including intelligence agencies. This isn't unlike early-generation US hackers who also transitioned to become cybersecurity company founders, and also got recruited by the National Security Agency and Central Intelligence Agency or hired by contractors to perform hacking operations for US operations. But unlike the US, China's whole-of-society intelligence authorities have compelled some Chinese citizens and companies to collaborate with the state in conducting espionage, Kozy notes. 'I think that China from the beginning just thought, 'We can co-opt [the Honkers] for state interests.'' Kozy says. 'And … because a lot of these young guys had patriotic leanings to begin with, they were kind of pressed into service by saying, 'Hey you're going to be doing a lot of really good things for the country.' Also, many of them started to realize they could get rich doing it.'
Washington Post
2 hours ago
- Washington Post
China-linked scam centers target U.S., congressional commission warns
A bipartisan commission that advises Congress on China warned Friday that 'fragmented and under-resourced' U.S. efforts to counter a multibillion-dollar scam industry, backed by Chinese criminal organizations, could see it increasingly aimed at Americans and escalate rapidly with new technologies. The U.S.-China Economic and Security Review Commission (USCC) said in a report released Friday that U.S. losses from China-linked fraud probably far exceeded $5 billion in 2024 — up 40 percent from the previous year — with Americans emerging as the top targets for Chinese criminal organizations since the covid pandemic. The scams — often linked to transnational crime syndicates involved in drug and money laundering operations — target Americans through text messages, social media, dating apps and jobsites. Beijing, meanwhile is using its own crackdown on the scam centers to expand its law enforcement presence in Southeast Asia, which could bolster China's leverage over regional governments and facilitate intelligence operations, the report said. 'These things are industrial-scale fraud factories that are using some of the most modern technology available, and their use of that technology is allowing them to scale these things very quickly. … I don't even think American law enforcement has figured out how to get their heads around this yet,' said Mike Kuiken, a USCC commissioner. The commission raised concerns that Chinese criminal organizations are giving Beijing unfettered access to U.S. personal data. It pointed to recent wide-scale raids by Chinese authorities on scam centers carried out in countries including Laos and Myanmar, where they seized computers and phones that, according to the report, probably grant Beijing access to data harvested on American targets. 'They're collecting computers, communication devices and they're collecting a lot of data on Americans, which should concern us as well,' said Randall Schriver, vice chair of the commission and the former assistant secretary of defense for Indo-Pacific Security Affairs under the first Trump administration. The report also highlighted cases where scam operators and criminal syndicates have built 'mutually beneficial' relationships with the Chinese government and its Belt and Road infrastructure program, creating special economic zones where scam centers targeting Americans have flourished. It pointed to the ongoing expansion of a criminal network led by U.S.-designated triad boss Wan Kuok Koi, which a Washington Post investigation last month showed has ties to the Chinese Communist Party and is under investigation by Southeast Asian authorities for operating scam centers. The Chinese embassy in Washington did not comment on specifics raised in Friday's report. 'The Chinese government stands firm in combating crimes of telecom and online fraud, fighting cross-border illegal and criminal activities and protecting the lawful rights and interests of Chinese citizens,' said Chinese embassy spokesman Liu Pengyu. The USCC report comes amid a sweeping State Department reorganization — one that began last week and has seen about 1,300 employees dismissed, including key personnel overseeing coordination of counter-scam operations in Southeast Asia. Gone as part of the shake-up is the Office of Multilateral Affairs within the East Asian and Pacific Bureau, which coordinated with countries on U.S. policy countering scam centers targeting Americans, according to two former department officials who spoke on the condition of anonymity to avoid reprisals. The State Department has said that 'mission-critical functions and personnel' will be reintegrated within the department. Commissioners behind Friday's report said they hoped those scam-fighting staff would remain in place. 'If the State Department is about making America safer, more secure, more prosperous, this needs to be on the agenda,' said Schriver. The Trump administration has gutted the U.S. Institute of Peace, which laid off nearly all of its U.S.-based staff in March. The organization had played a key role in monitoring the scale of the threat posed by Chinese-backed criminal networks operating scam centers across Southeast Asia. In its recommendations to Congress, the USCC report said that cementing cooperation with Southeast Asian allies is critical to avoid 'further entrenching Beijing's presence and influence' in the region. 'There's a law enforcement piece and there is a diplomacy piece,' said Kuiken, who said scam centers should rank higher on the U.S. agenda in future engagements with Beijing, alongside ongoing efforts to crack down on the global fentanyl trade. 'It is a complex challenge involving multiple elements of our government, but it's a very serious problem,' he said. Research by USIP found that Chinese criminal organizations are expanding their global reach, using international money laundering networks — including operations inside the United States — to facilitate large-scale scams and mass human trafficking. These networks are used to staff scam centers, which have proliferated into the hundreds, particularly in a lawless region known as the Golden Triangle, where China's border meets Myanmar and Laos near Thailand. Key U.S. allies like Thailand are facing growing pressure from Beijing to grant senior Chinese police officials access to the scam compounds, according to the USIP report. 'The Chinese government has worked closely with mainland Southeast Asian governments to combat transnational criminal activities in those areas, arguably providing a pretext for China to gradually assert more political influence over the region,' it said. In a large-scale operation earlier this year, Thai authorities — acting at Beijing's urging — cut electricity to scam centers along the Myanmar border after a Chinese actor was kidnapped and held for several days in one such scam center. The USCC warned Congress that the crackdowns target groups scamming Chinese citizens, an action the USCC says is incentivizing them to shift focus to Americans. 'If the United States does not strengthen its relationships with Southeast Asian countries and help them build the capacity to tackle scam centers, these countries will likely grow more reliant on China to address transnational crime, further entrenching Beijing's presence,' said the report. The commission said that Beijing has little incentive to crack down on operations targeting U.S. users, noting that criminal networks have pivoted toward Americans. The scams not only drain financial resources but have also had more tragic consequences, including reported suicides tied to victims' losses, the report said. These scam operations, historically run by Chinese criminal organizations, initially targeted Chinese nationals through so-called 'pig butchering' schemes — a term describing romance scams in which fraudsters build trust over social media or messaging apps before persuading victims to send money. Buoyed by new tools including artificial intelligence and social media, as well as better connectivity in regions where they operate, scam operators have sought more Western victims. That pivot has also fueled a growing network of money laundering on U.S. soil. Federal indictments show how hundreds of millions of dollars swindled from Americans have been funneled through sophisticated webs of bank accounts, shell companies and cryptocurrency exchanges — ultimately routing stolen funds back to criminal syndicates in Asia. In February 2025, federal prosecutors in California charged two Chinese nationals and a U.S. accomplice with laundering more than $13 million in proceeds from pig-butchering scams through U.S.-based shell companies. Last month, the Justice Department announced a record $225 million cryptocurrency seizure tied to a sophisticated money-laundering scheme that lured U.S. victims into sending funds through fraudulent investment platforms. 'The Chinese are also clearly extending their money laundering operations into the United States, so this digital money laundering is being assisted by Chinese criminal elements within our borders,' said Shriver. Hannah Natanson contributed to this report.
Yahoo
4 hours ago
- Yahoo
Officials uncover shocking scale of smuggling ring driving species to brink: 'Substantial and lucrative'
Officials uncover shocking scale of smuggling ring driving species to brink: 'Substantial and lucrative' Despite the European Union's ban on the export of critically endangered European glass eels in 2010, the animals are still being illegally trafficked in record numbers and face a high risk of extinction. What's happening? As Mongabay reported, European eels have been a hot commodity in the illegal wildlife trade since the 1990s, particularly in East Asia, when Japan's native eel populations began declining. Because of concerns about the eels being overexploited, they were listed under Appendix 2 of the Convention on International Trade in Endangered Species in 2007, which restricts their trade by requiring export permits. The following year, European eels were classified as critically endangered by the International Union for Conservation of Nature, reflecting a 97% decline in their population since 1980, as reported in a separate Mongabay article. However, due to complex criminal networks spanning Europe and Asia, which even involve biologists, chemists, and veterinarians to ensure the animals survive their arduous journey, it's becoming increasingly difficult to catch smugglers. And since European glass eels can't be bred in captivity, per the United Nations Office on Drugs and Crime, aquaculture farms that raise them to produce the traditional Japanese dish unagi must import wild-caught juveniles, making smuggling the animals a highly profitable endeavor. According to a 2025 Europol assessment of serious organized crime, profits generated by the smuggling of glass eels are estimated at 3 billion euros ($3.5 billion) in high-demand years. "The trafficking of glass eels remains one of the most substantial and lucrative illegal trades of protected species across the globe," the law enforcement agency wrote in the report. Ignasi Sanahuja, a physiology professor at the University of Barcelona and lead author of a study on the environmental consequences of the European eel trade, told Mongabay that if more efforts aren't made to stop smugglers, the animals and the ecosystems they inhabit could face major risks. "Disruptions at any stage — especially through overharvesting of glass eels — can collapse the entire population structure," Sanahuja told the news outlet. "Continued unregulated trade exacerbates this decline, threatening not only the species but also the ecological balance of the habitats they occupy." Why is the trafficking of European eels concerning? The illegal wildlife trade hurts economies because it reduces tax revenue for local communities and governments and threatens the livelihoods of traditional fishermen, farmers, and eel processors who have relied on sustainable eel fishing for centuries, particularly in Atlantic coastal communities, per Wired. Not to mention, trafficking the eels disrupts marine and freshwater ecosystems, as they act as both predators and prey, helping to regulate populations of other species and maintain biodiversity. Do you think America does a good job of protecting its natural beauty? Definitely Only in some areas No way I'm not sure Click your choice to see results and speak your mind. "The illegal or excessive harvest of glass eels strips away a critical life stage," Sanahuja said. "That disrupts their ecological role — leading to a cascade of effects like overpopulation of aquatic insects, reduced food for eel predators, and weakened ecosystem resilience." Even when eels are rescued and released back into their native habitats, they put wild populations at risk of contracting bacterial infections because of their reduced immunity. And if the European eels happen to escape from aquaculture farms in Asia, they could outcompete native species for resources and contribute to ecosystem collapse in other areas as well. What's being done to protect them? Louisa Musing, the senior program officer for the organization TRAFFIC in Europe, told Mongabay that the huge scale of the trade demands coordinated efforts from multiple agencies across the EU and stronger legislation to prevent smuggling. But even though authorities are cracking down on wildlife crimes associated with the eels, experts say public awareness campaigns and reintroduction programs are also necessary to help the species rebound. Individuals can help by learning more about wildlife trafficking, reporting suspicious activity to anti-trafficking hotlines, and donating to nonprofits such as the World Wildlife Fund that are working to end the illegal wildlife trade. Join our free newsletter for good news and useful tips, and don't miss this cool list of easy ways to help yourself while helping the planet. Solve the daily Crossword
