The Wall Street Journal, 9 November 2012

In postmodern novels coincidences leave protagonists to wonder about potential existential conspiracies. In China, which has enough weirdness and intrigue to fill several Pynchon novels, freaky acts of chance on the Internet leave China watchers wondering about the long arm of the government.

That was acutely apparent Thursday after the Twitter accounts of a number of prominent China activists, journalists and even a political cartoonist received warnings that their Twitter accounts were compromised on the opening day of China’s 18th Party Congress.

Around 2 p.m. Beijing-based analyst Patrick Chovanec posted a tweet that read: “Wow, my Twitter account just got hacked. Party Congresses are such fun.”

That prompted at least eight others, including Chinese political cartoonist Hexie Farm, to chime in that they too had their accounts hacked. David Bandurski, a researcher at the University of Hong Kong’s China Media Project, provided China Real Time an email he received for the popular China Media Project account that read: “Twitter believes that your account may have been compromised by a website or other service not associated with Twitter. We’ve reset your password to prevent others from accessing your account.”

In an email Mr. Bandurski said he had been particularly active on Twitter live tweeting the political meeting in China, but said he wasn’t aware of what caused the problem. Mr. Chovanec was equally cautious. “All I know is what I experienced, I have no basis for understanding what it was about, or who did it,” he said.

It is extremely difficult to prove the origin of attacks on accounts and Twitter didn’t immediately respond to a request for comment. For its part, the Chinese government has said the nation is itself a victim, rather than an instigator, of hacking attacks.

In recent years, China has been routinely panned as the source for a large number of outgoing Internet attacks. Earlier this summer, Google enabled a new function on Gmail that warned users if their account had been targeted by “state-sponsored attackers.” In the wake of the new function, a number of Chinese human-rights activists on Twitter said they received the warning.

China watchers and activists have learned to surf the web with a fair dose of paranoia. Mr. Chovanec said that after receiving the email, he wasn’t sure whether he should enter a new password, as it seemed like it could be an elaborate phishing attack, which is a technique used by hackers to coax users into providing sensitive account information.

Melissa Chan, a reporter for al-Jazeera who in May was effectively expelled from China, said in an interview that she believed attempts to access the email and social networking accounts of the foreign press in China had gotten worse since an online protest campaign inspired by the Jasmine Revolution of the Middle East spread around China in the spring of 2011.

Ms. Chan, who is currently on leave from Al-Jazeera as a Knight Journalism Fellow at Stanford University researching hacking, said that she personal accounts she had collected from journalists as well as her own experience pointed to a worsening trend.

In particular she pointed to an increased sophistication in phishing attacks, noting that while she was reporting on the high-speed rail crash in Wenzhou in 2011, she received an email that promised “critical information about the Wenzhou crash.”

Suspicious, she said she sent the email to an expert who confirmed it would have downloaded malware onto her computer.

The suspicions about the hacking soon turned into a joke. Said Hong Kong-based human rights researcher Joshua Rosenzweig on Twitter: “Dear hackers, let me help you out. My password for everything is ‘1luvZh0uY0n9kan9.’” It’s a reference in 90s-style hacker writing to Zhou Yongkang, China’s powerful internal security chief.

UPDATE Friday, Nov. 9, 1am Beijing time: Twitter has issued a statement about the email notices saying that it routinely resets passwords for accounts it believes may have been compromised and sends an email notifying the user, along with information on how to set a new password. “In this case, we unintentionally reset passwords of a larger number of accounts, beyond those that we believed to have been compromised,” the statement says.

– Paul Mozur. Follow him on Twitter @paulmozur

http://blogs.wsj.com/chinarealtime/2012/11/08/as-congress-begins-a-string-of-twitter-hackings/