Trend Micro presents the Chinese Cyber Underground in 2013


Trend Micro LogoTrend Micro has released a new whitepaper examining the Chinese cyber underground. As threat defense experts, Trend Micro works to provide ongoing analysis of the cybercriminal undergrounds around the world through its global forward-looking threat research team actively monitoring criminal activity.

Entitled, “The Chinese Underground in 2013,” the paper’s threat researcher found that chatter in the Chinese underground has doubled in the past year, and criminals are targeting citizens of their own country as opposed to the Russian underground which typically avoids targeting the native population. Because of the sheer size of the targeted population, the Chinese underground has potential to evolve into one of the largest in the world.

The whitepaper highlights the most popular malicious tools and services in the Chinese underground market with their corresponding prices, including details on how the mobile underground has emerged as usage increases. Popular services and products bought and sold within the Chinese cyber underground include:

  • Compromised hosts/infected computers
  • DDoS attack services
  • RATs (Remote Access Trojans)

“China is experiencing the dark side of hacking, and Chinese criminals are developing an economy of scale,” said Dr Jon Oliver, Trend Micro ANZ. “These malicious services are being sold to criminals who are pillaging Chinese and foreign victims. As we continue to learn how these criminals and their attacks work, we can develop countermeasures to keep sensitive information from falling into the wrong hands.”

This report is a component of Trend Micro’s Cybercriminal Underground Economy Series, which chronicles how the cybercriminal underground is thriving and evolving, as the number of victims continues to growthrough both identity and financial theft. Additional details regarding the Chinese underground can be found in this blog post.