By the end of 2013, the Chinese cybercrime underground was a very busy economy, with peddled wares that not only targeted PCs, but mobile devices as well—making it its most prolific segment. We also saw cybercriminals abusing popular Web services, such as the instant-messaging (IM) app QQ, to communicate with peers.
Today, the Chinese underground is thriving more than ever. Previous explorations of the Chinese underground have indicated that cybercriminals are quick to adapt to technological advancements and existing trends, as seen throughout 2015. Data (either leaked or stolen) is now being traded along with prototypes and new functional hardware, like point-of-sale (PoS) and automated teller machine (ATM) skimmers. As the Chinese underground continues to burgeon, we expect to see more cybercriminal activity using these new market offerings:
Leaked data search engines and other offerings
Data leaked in the underground allows cybercriminals to commit various crimes like financial fraud, identity and intellectual property theft, espionage, and extortion. Chinese cybercriminals have managed to enhance the way they share data, as seen in the case of SheYun, a search engine created specifically to make leaked data available to users.
Over the last few years, we have been keeping track of shifts in the prices of goods and services traded in the Chinese underground. Previously, we saw compromised hosts, DDoS attack tools and services, and remote access Trojans (RATs) being sold. Today, social engineering tools have been added to the market.
Cash transactions are slowly becoming a thing of the past, as evidenced by the adoption of electronic and mobile payment means.
Our paper, Prototype Nation: The Chinese Cybercriminal Underground in 2015, provides a closer look into the country's underground market and how it has kept up with events in the real world.