Security Architecture, Endpoint/Device Security, Endpoint/Device Security, Threat Management, Threat Management, Endpoint/Device Security, Endpoint/Device Security, Endpoint/Device Security

Report: China’s underground activity doubled last year

Share

After analyzing trends in the Chinese underground, Trend Micro found that activity in the marketplace doubled between 2012 and 2013.

Upon an even closer look, researchers at the firm also found that the most coveted tools and services in the underground were compromised hosts, remote access trojans (RATs) and distributed denial-of-service (DDoS) attack services.

Trend Micro's new research paper, “The Chinese Underground in 2013,”(PDF) detailed criminal activity facilitated in the space, and in a Thursday interview with SCMagazine.com, Christopher Budd, global threat communication manager at the company, said that, among the products, compromised hosts were most sought after.

In the report, Trend Micro defined "compromised hosts" as client workstations or servers that cybercriminals “have gained command and control of” without the owners' consent.

“That makes sense, because the compromised host is a multi-tasker,” Budd said. “It's kind of a like a Swiss army knife – you can do multiple things with it.”

The report also highlighted the going rate last year for popular black market services. Distributed denial-of-service (DDoS) offerings, for instance, were offered for anywhere from $16 per day to nearly $500 for a “lifetime” DDoS toolkit rental, the report revealed.

Researchers also monitored underground activity centered around mobile attacks. Trend Micro found that the most in demand offerings were SMS spamming services, SMS servers and premium service numbers.

Overall, the report noted that the increased activity in the China's underground took into account, both the number of participants and the number of product and services offerings in 2013.

In his interview, Rudd also noted that attacks, facilitated through shady transactions in China's underground market, were most often aimed at other users in the country – an ongoing trend that will likely continue.

“The participants in the Chinese underground looking inward, and the Russian underground looking outward [in attacks], has been a consistent trend,” Budd said. “And partly, that's linguistic, because the people in the Chinese underground market [products and services] in Chinese as opposed to English – [but] it's a combination of cultural and linguistic factors,” he said.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy.