The Current Chinese Cybercriminal Underground

Uploaded on 2015-12-09 in NEWS-Cybersecurity News, INTELLIGENCE-Hot Spots-China, GOVERNMENT-Law Enforcement, FREE TO VIEW

 

By the end of 2013, the Chinese cybercrime underground was a very busy economy, with peddled wares that not only targeted PCs, but mobile devices as well making it its most prolific segment. We also saw cybercriminals abusing popular Web services such as the instant-messaging app (IM), QQ, to communicate with peers.

Today, the Chinese underground is thriving more than ever. Previous explorations in the Chinese underground have indicated that cybercriminals are quick to adapt to technological advancements and existing trends as seen throughout 2015. Data (either leaked or stolen) are now being traded along with prototypes and new functional hardware, like point-of-sales (PoS) and automated teller machine (ATM) skimmers. As the Chinese underground continues to burgeon, we expect to see more cybercriminal activity using these new market offerings:

Leaked data search engines and other offerings
Data leaked in the underground allows cybercriminals to commit various crimes like financial fraud, identity and intellectual property theft, espionage, and extortion. Chinese cybercriminals have managed to enhance the way they share data as seen in the case of SheYun, a search engine created specifically to make leaked data to users available.

Over the last few years, we have been keeping track of the shift of prices of goods and services traded in the Chinese underground. Previously, we saw compromised hosts, DDoS attack tools services, and remote access Trojans (RATs) being sold. Today, social engineering tools have been added to the market.

Carding devices
Cash transactions are slowly becoming a thing of the past, as evidenced by the adoption of electronic and mobile payment means.
    
    PoS skimmers - Tampered PoS devices are sold to resellers who may or may not know that these devices are rigged. Some PoS skimmers come with an SMS-notification feature that allows the cybercriminal to access the stolen data remotely every time the device is used.
    
    ATM skimmers –Commonly sold on B2B websites, these fraud-enabling devices allowed fraudsters to carry out bank fraud and actual theft. The devices have keypad overlays that are used to steal victims’ PINs.
    
    Pocket skimmers – These small, unnoticeable magnetic card readers can store track data of up to 2,048 payment cards. They do not need to be physically connected to a computer or a power supply to work. All captured data can be downloaded onto a connected computer.
    
TrendMicro paper, Prototype Nation: The Chinese Cybercriminal Underground in 2015 provides a closer look into the country's underground market and how it has kept up with events in the real world.
Trend Micro: http://bit.ly/1lkZ7Rl

« Insurance & Cyber Vulnerability - Get Your Report for 2016
How to Spot a Fake LinkedIn Profile in 60 Seconds. »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

Perkins Coie LLP

Perkins Coie LLP

Perkins Coie LLP is an internationalk law firm with offices across the USA and Asia. Practice areas include Privacy and Data Security.

ThaiCERT

ThaiCERT

ThaiCERT is the national Computer Security Incident Response Team (CSIRT) for Thailand.

Cyber 360

Cyber 360

Cyber 360 is a Cybersecurity contract and fulltime placement firm dedicated to identifying and hiring Cybersecurity professionals.

Second Nature Security (2NS)

Second Nature Security (2NS)

2NS provide vulnerability assessment, penetration testing, security audit, application and network security and secure software development processes.

Air Informatics

Air Informatics

Air Informatics LLC provides security, information management, analytics and informatics for IT and wirelessly enabled airplanes and operations.

Africa ICS Cyber Security Conference

Africa ICS Cyber Security Conference

Africa's largest ICS Cyber Security Conference and Expo. The only platform that will proudly present top level B2B and B2C networking opportunities.

Intercast Global

Intercast Global

Intercast's mission is to be a strategic resource to our clients in Risk Reduction. We are a global leader in cyber security staffing and consulting to the enterprise.

Alpine Security

Alpine Security

Alpine Security provides penetration testing, security assessments and cybersecurity training services.

UMBRA

UMBRA

UMBRA is solely concerned with protecting governments against Nation State attacks. We are not a consumer or enterprise company.

CentricalCyber

CentricalCyber

CentricalCyber is a cyber risk consultancy and NIST CSF specialist set up to help business leaders better understand and manage cyber risk.

CENSUS

CENSUS

CENSUS is a Cybersecurity services provider offering services to multiple industries worldwide such as Security Testing, Code Auditing, Secure SDLC, Vulnerability Research and Consulting Services.

Datastream Cyber Insurance

Datastream Cyber Insurance

DataStream Cyber Insurance is designed to give SMB’s across the US greater confidence in the face of increasing cyber attacks against the small and medium business community.

BlueCat Networks

BlueCat Networks

BlueCat is the Adaptive DNS company. Our mission is to help the world’s largest organizations thrive on network complexity, from the edge to the core.

Azerbaijan Cybersecurity Center (ACC)

Azerbaijan Cybersecurity Center (ACC)

Azerbaijan Cybersecurity Center is a state-of-the-art facility to deliver advanced cyber training programs and build the next generation of Azerbaijan’s cybersecurity professionals.

Doherty Associates

Doherty Associates

Drawing on our deep industry knowledge and business insight, Doherty deliver intelligent IT solutions and services that help people work more securely, more productively and more creatively.

Pantherun Technologies

Pantherun Technologies

Pantherun is a pioneering force in the realm of encryption technology and data protection solutions.