Canadian antivirus start-up may be brainchild of Chinese hacker

News 29 Nov, 2012

Clues point to man who ran zero-day attacks against US department of defense.

The founder of antivirus start-up Anvisoft has been revealed as an elite Chinese hacker Tan Dailin, who went by the pseudonym Wicked Rose, it has emerged.

The shady history behind company the was uncovered by investigative journalist Brian Krebs, who traced Anvisoft back to Dailin through its historic domain records and information compiled on Chinese hacking activities by network infrastructure operator Verisign’s iDefense security intelligence service.

Until Anvisoft starts to answer questions about who’s running the company, this firm is going to have a tough time gaining any kind of credibility

Anvisoft’s had claimed in previous communications that it is a Canadian company, although registration records for the website indicated it was based in Freemont, California. However, Krebs uncovered trademark registration records that point to the company being located in the city of Chengdu, China.

Now, though, it appears Anvisoft may have confirmed Krebs’ allegations against Dallin to The Register. In response to enquiries made via Facebook about Dailin’s involvement, the company’s official page said “Yes, it is true” in a private message.

Dailin was allegedly a black-hat hacker who led a state-sponsored four-man team called Network Crack Program Hacker (NCPH). The group reportedly developed a rootkit that exploited Microsoft Office security flaws to launch attacks against US department of defense entities between 2006 and 2008, before disbanding.

However, despite the alleged illegal activities of the company’s founders, there is no evidence that Anvisoft has been involved in any wrongdoing.

“This may all be a strange coincidence or hoax. Anvisoft may in fact be a legitimate company, with a legitimate product; and for all I know, it is,” Krebs said in his blog post.

“But until it starts to answer some basic questions about who’s running the company, this firm is going to have a tough time gaining any kind of credibility or market share,” he added.