This is part of a series of blog posts discussing the Chinese underground. The previous parts may be found here:
- Part 1: Introduction
- Part 2: The Four Value Chains
- Part 3: Virtual Assets Theft
- Part 4: Internet Resources And Services Abuse
- Part 5: Blackhat Techniques, Tools, and Training
The full paper can be found here.
Now that we’ve discussed the architecture of the Chinese underground, we can look at its size and scale: namely, how much money is being made.
How Much Money?
With the knowledge of the four value chains in mind, it is possible to look at publicly reported numbers of cybercrime loss, match these to parts of the Chinese underground, and get a reasonable estimate for the total losses to users in China in 2011.
Unsurprisingly, targeting banks and other financial institutions directly for theft is the most profitable. The authors estimate that losses at banks due to information theft (primarily phishing) total 67 million US dollars. Losses at third-party payment services were even larger, however: these were estimated at 262 million US dollars.
The take from stealing virtual assets from online games is similarly impressive. The estimate for losses here totals 225 million US dollars. While the losses per user are believed to be relatively small, this was made up for in volume, with an estimated 3.84 million users suffering losses in 2011.
In the area of abused resources and services, it was more difficult to gather precise estimates due to the variety of potential ways that attackers can profit. By focusing on just three aspects, however, the authors were able to get a good estimate: compromised hosts (71 million US dollars), infected mobile devices (157 million US dollars), and hacked websites (70 million US dollars).