Elite Chinese hacker rumored to be running Anvisoft antivirus firm

Whenever a new antivirus firm pops up, the Internet tends to be wary. Recent years have seen a multitude of malicious hacks and trojans masquerading as legitimate antivirus software, and suspicion is even more warranted when a firm appears to be based out of China. Anvisoft is a Chinese antivirus startup that has already been whitelisted by a few established AV companies. However, the man behind this venture might be one of the most noted hackers in China.

There are hints that Anvisoft is concealing some very basic facts about itself. Back in April, a user asked on Anvisoft’s own forums where the company was located. The answer from a rep: Canada. However, the domain registration record lists Fremont, California, while the incorporation records list Chengdu in the Sichuan Province of China as Anvisoft’s home base. The rep was also evasive when it came to naming the CEO of the business.

Security analyst Brian Krebs did some digging and uncovered some concerning details from a whois lookup and a reverse DNS lookup. The original registrant of the Anvisoft domain is listed as “wth rose.” This same individual held other domains, which led Krebs back to an email user name in Gaoxingu, China: “tandailin.”

Krebs feels it’s safe to say that the man behind Anvisoft is Tan Dailin, a 28-year-old hacker who goes by the handle Withered Rose (or wth rose, if you’re in a hurry). This is notable because of Dailin’s involvement with a team of state-sponsored hackers in China called NCPH. While working with NCPH, Dailin designed zero-day exploits that targeted Microsoft Word, and also managed attacks on US Department of Defense assets.

Dailin is most likely the mysterious CEO of Anvisoft, but that doesn’t necessarily mean the company is illegitimate. This man would certainly not be the first black hat hacker to turn over a new leaf, but the lack of information being released should give you pause. Several sites of questionable veracity are pushing Anvisoft’s Smart Defender software, but you might want to steer clear for now. There is probably a fox/hen house analogy to be made here.

via Krebs on Security
