China cyber-gangs use 'vast underground network'

Chinese mobile phone user Cybercriminals are finding new ways to send malicious apps to mobile users

Related Stories

Chinese cybercriminals are increasingly targeting mobile users via a vast underground network of tools and services, according to a new report.

Security firm Trend Micro outlines the popular methods used by Chinese gangs to make money from the mobile web.

It details how cheap some mobile malware kits can be - from as little as 100 yuan (£9.70).

Such underground forums are thriving worldwide, particularly in Russia, China and Brazil.

The Mobile Cybercriminal Underground Market report outlines some of the key businesses operating in this vast and sophisticated network.

GSM modem with 16 SIM card slots A GSM modem can send out thousands of spam text messages every hour
Spam devices

It includes the selling of premium-rate phone numbers, which can be bought from 220,000 yuan (£21,400).

Such numbers are used in conjunction with malicious apps that reply to text messages and then delete confirmation messages so users end up paying vast sums to cybercriminals without realising.

Spam is big business in a country where 81% of Chinese internet users went online using their mobile phone in 2013.

At the end of 2013 there were 500 million mobile internet users in China, according the China Internet Network Information Center (CNNIC).

To launch spam campaigns, cybercriminals often use a GSM modem, a device attached via USB to a computer, which can send out text messages to multiple users.

A 16-slot GSM modem, are available for approximately $425 (£254) each, can send up to 9,600 text messages per hour.

This spam can be used to advertise various products as well as tricking users into visiting malicious websites.

The report also talks about SMS forwarders - which are Trojans designed to steal authentication or verification codes sent via text messages.

They monitor text messages sent from online payment service providers and banks and intercept authentication or verification codes which are then forwarded to cybercriminals.

Currently they only run on Android phones.

Boosting apps

Apple users are also being targeted via iMessage spammers that are able to buy 1,000 spam services for as little as 100 yuan (£9.60).

Also operating on the mobile underground are app-rank boosting services, which can promote a malicious app by creating several dummy accounts to download and write good user reviews for it.

To boost an iPhone app into the top five of Apple's China app store can cost 60,000 yuan (£5,800).

In Android third-party stores - where most Chinese Android users shop - cybercriminals pay according to the number of downloads they want, with prices starting at 40 yuan (£3.90) for 10,000 downloads.

The report concludes: "The barriers to launching cybercriminal operations are less in number than ever. Toolkits are becoming more available and cheaper; some are even offered free of charge.

"Cybercriminals are also making use of the 'deep web' to sell products and services outside the indexed or searchable world wide web, making their online shops harder for law enforcement to find and take down."

More on This Story

Related Stories

More Technology stories

RSS

Features & Analysis

BBC Future

Changing shape

What Concorde was like to fly

The supersonic icon of air travel Read more...

Programmes

  • Ebola patients in Sierra LeoneHARDtalk Watch

    Dr Geraldine O'Hara recalls the horrors of working on the Ebola frontline in Sierra Leone

BBC © 2014 The BBC is not responsible for the content of external sites. Read more.

This page is best viewed in an up-to-date web browser with style sheets (CSS) enabled. While you will be able to view the content of this page in your current browser, you will not be able to get the full visual experience. Please consider upgrading your browser software or enabling style sheets (CSS) if you are able to do so.