Chinese Cyber-gangs have an underground network of tools and services

4 March 2014 Last updated at 12:47

China cyber-gangs use ‘vast underground network’

Chinese cybercriminals are increasingly targeting mobile users via a vast underground network of tools and services, according to a new report.

Security firm Trend Micro outlines the popular methods used by Chinese gangs to make money from the mobile web.

It details how cheap some mobile malware kits can be – from as little as 100 yuan (£9.70).

Such underground forums are thriving worldwide, particularly in Russia, China and Brazil.

The Mobile Cybercriminal Underground Market report outlines some of the key businesses operating in this vast and sophisticated network.

Spam devices

It includes the selling of premium-rate phone numbers, which can be bought from 220,000 yuan (£21,400).

Such numbers are used in conjunction with malicious apps that reply to text messages and then delete confirmation messages so users end up paying vast sums to cybercriminals without realising.

Spam is big business in a country where 81% of Chinese internet users went online using their mobile phone in 2013.

At the end of 2013 there were 500 million mobile internet users in China, according the China Internet Network Information Center (CNNIC).

To launch spam campaigns, cybercriminals often use a GSM modem, a device attached via USB to a computer, which can send out text messages to multiple users.

A 16-slot GSM modem, are available for approximately $425 (£254) each, can send up to 9,600 text messages per hour.

This spam can be used to advertise various products as well as tricking users into visiting malicious websites.

The report also talks about SMS forwarders – which are Trojans designed to steal authentication or verification codes sent via text messages.

They monitor text messages sent from online payment service providers and banks and intercept authentication or verification codes which are then forwarded to cybercriminals.

Currently they only run on Android phones.

Boosting apps

Apple users are also being targeted via iMessage spammers that are able to buy 1,000 spam services for as little as 100 yuan (£9.60).

Also operating on the mobile underground are app-rank boosting services, which can promote a malicious app by creating several dummy accounts to download and write good user reviews for it.

To boost an iPhone app into the top five of Apple’s China app store can cost 60,000 yuan (£5,800).

In Android third-party stores – where most Chinese Android users shop – cybercriminals pay according to the number of downloads they want, with prices starting at 40 yuan (£3.90) for 10,000 downloads.

The report concludes: “The barriers to launching cybercriminal operations are less in number than ever. Toolkits are becoming more available and cheaper; some are even offered free of charge.

“Cybercriminals are also making use of the ‘deep web’ to sell products and services outside the indexed or searchable world wide web, making their online shops harder for law enforcement to find and take down.”

Leave a Reply