The Chinese Cybercriminal Underground Goes Mobile
In 2013, 81% of Chinese Internet users went online via mobile devices. That’s around 500 million people accessing the Internet using their smartphones and tablets. With a user base that large, China’s mobile market has undoubtedly become a prime target of cybercriminal activities.
The Chinese mobile cybercriminal underground is a growing market. Over several months, our researchers frequented various underground sites and QQ chats to see what kind of wares cybercriminals were trading. What they found was a diverse set of offerings created to suit different purposes. These include the following:
- Premium service abusers that are used to sign up unsuspecting mobile users for premium services. The users are unfortunately charged subscription fees that benefit malicious app developers.
- SMS forwarders that intercept text messages and effectively hide traces of malware infection
- SMS spamming services and devices that function as their names suggest
- Number-scanning services that automatically checks and collects legitimate mobile phone numbers
- Rank-boosting services that increase a mobile app’s ratings on third-party app stores. Enterprising cybercriminals can use these services to make their malicious apps stand out.
Although majority of these crimeware were designed for Android devices, our researchers also noted offerings made to run on iOS devices. The development and peddling of these wares might have been triggered by Apple’s partnership with China Mobile and the platform’s quadrupling share in the Chinese mobile market.
You can find a more comprehensive list of the offerings, including their prices, in The Mobile Cybercriminal Underground Market in China.
Like it? Add this infographic to your site:
1. Click on the box below. 2. Press Ctrl+A to select all. 3. Press Ctrl+C to copy. 4. Paste the code into your page (Ctrl+V).
Image will appear the same size as you see above.
- Exposed Container Registries: A Potential Vector for Supply-Chain Attacks
- LockBit, BlackCat, and Clop Prevail as Top RAAS Groups: Ransomware in 1H 2023
- Diving Deep Into Quantum Computing: Modern Cryptography
- Uncovering Silent Threats in Azure Machine Learning Service: Part 2
- The Linux Threat Landscape Report