Trend Micro Facebook TrendLabs Twitter Malware Blog RSS Feed You Tube - Trend Micro
Search our blog:

  • Recent Posts

  • Calendar

    April 2014
    S M T W T F S
    « Mar    
     12345
    6789101112
    13141516171819
    20212223242526
    27282930  
  • About Us

    The Chinese underground has played host to many cybercriminals over the years. In the research brief titled Beyond Online Gaming Cybercrime: Revisiting the Chinese Underground Market, we provide some details of the current state of the Chinese underground economy. Last year, we looked into this underground sector, and this brief is a continuation of those efforts.

    Gathering knowledge about the Chinese underground economy is not particularly difficult, but does pose some challenges. The sites and markets that make up this underground economy are not visible to the public, but are hidden in forums and QQ chat groups. While many underground economies are organized via underground forums, the use of QQ chat groups is unique to China. These sites use their own jargon to name and describe their groups, but cybercriminals familiar with their jargon can easily find what they want.

    In some ways, the Chinese underground is similar to other legitimate economies: it offers a wide variety of products and services at a variety of price points. The services offered include:

    • Distributed Denial of Service (DDoS) kits and servers
    • Remote Access Tools (RATs)
    • Detection evasion services
    • Compromised webhosts
    • Phishing kits
    • Stolen user information
    • Webshells

    In all of these cases, a robust and healthy ecosystem exists, with cybercriminals being able to purchase their chosen product at a variety of price points.

    For example, for denial of service attacks, cybercriminals can choose to rent dedicated servers to mount more large-scale attacks. A modest Atom-based server can cost 599 RMB (US$98.50) a month; a more powerful Xeon server with a 1Gb/s connection can cost 2100 RMB (US$345) a month.

    The variety of prices is most evident in the sale of webshells, scripts that allow an attacker to maintain control over a compromised site. Sites with low page rankings on Baidu and Google can cost around 220-300 RMB (US$36-49) for a bundle of 270 sites; sites with higher page ranks can go for as much as 999 RMB (US$164).

    We hope that this paper will help readers understand the Chinese underground, in order to understand the kind of threats that users are likely to face from these threat actors and prepare the necessary defenses accordingly.





    Share this article
    Get the latest on malware protection from TrendLabs
    Email this story to a friend   Technorati   NewsVine   MySpace   Google   Live   del.icio.us   StumbleUpon




    Comments are closed.



     

    © Copyright 2013 Trend Micro Inc. All rights reserved. Legal Notice