The Chinese Cybercriminal Underground Goes Mobile

View research paper: The Mobile Cybercriminal Underground Market in China

In 2013, 81% of Chinese Internet users went online via mobile devices. That’s around 500 million people accessing the Internet using their smartphones and tablets. With a user base that large, China’s mobile market has undoubtedly become a prime target of cybercriminal activities.

The Chinese mobile cybercriminal underground is a growing market. Over several months, our researchers frequented various underground sites and QQ chats to see what kind of wares cybercriminals were trading. What they found was a diverse set of offerings created to suit different purposes. These include the following:

• Premium service abusers that are used to sign up unsuspecting mobile users for premium services. The users are unfortunately charged subscription fees that benefit malicious app developers.
• SMS forwarders that intercept text messages and effectively hide traces of malware infection
• SMS spamming services and devices that function as their names suggest
• Number-scanning services that automatically checks and collects legitimate mobile phone numbers 
• Rank-boosting services that increase a mobile app’s ratings on third-party app stores. Enterprising cybercriminals can use these services to make their malicious apps stand out.

Although majority of these crimeware were designed for Android devices, our researchers also noted offerings made to run on iOS devices. The development and peddling of these wares might have been triggered by Apple’s partnership with China Mobile and the platform’s quadrupling share in the Chinese mobile market.

You can find a more comprehensive list of the offerings, including their prices, in The Mobile Cybercriminal Underground Market in China.