Malware openly available in China, researchers say
Developers sell subscription programs, upgrade services for hacking
Computerworld - LAS VEGAS -- China's rapid emergence as a hotspot for criminal hacking activities is enabled by the open and unfettered availability of sophisticated hacking tools, according to security researchers attending the Black Hat conference here this week.
Many of the hacking tools are inexpensive, highly customizable, and easy to use.
Most of the early users of the malware products have sought to steal from online gaming accounts inside China. But now experts are seeing much broader use of such tools.
Hackers in China are developing malicious software "almost like a commercial product," said Val Smith, founder of Attack Research, a Los Alamos, N.M.-based security firm. The products come complete with version numbers, product advertising, end-user license agreements and 24-hour support services, he said.
They are "rapidly deploying very easy to use tools for cutting edge exploits," Smith said at a Black Hat presentation on Wednesday. "Their community is huge because [the malware] is easy to use," while at the same time many of the exploits are very advanced, he added.
Unlike in the U.S., the buying and selling of hacker tools in China takes place mostly in the open, said Anthony Lai, a security researcher with Valkyrie-X Security Research Group (VXRL), a Hong Kong-based non-profit firm. Often, all that's required to find and purchase a malware program is the ability to use a browser and search engine, he said during a talk at Black Hat.
Most of those selling malware products make little effort to conceal their activities. In fact, many openly advertise their wares and their capabilities through search engines like Baidu.com, he said. Customers can buy the malware they need for less than $20 or sign up as subscribed members and get regular updated supplies of the tools, Lai said.
The hacking tools run the gamut and are often designed for off-the-shelf use. Many offer exploit generators that allow more sophisticated hackers to carefully customize malware for specific needs by using graphical user interfaces, Lai said. The GUIs let wannabe hackers specify what they want the program to do, for instance, whether they want it to steal data, capture screens, log keystrokes, remotely control a system or undertake any other task.
Some check boxes let malware purchasers decide what kind of obfuscation and hiding methods they want to use to evade detection by security tools, while others walk them through the deployment and updating process, Lai said.
It's not unusual for those selling malware programs to let buyers first test out the products before buying them and to offer regular product updates and phone numbers to call for support services. Statistical tools are also available to help buyers keep track of the systems they have infected.
China's hacking abilities have received increasing scrutiny following Google's disclosure earlier this year that its servers had been hacked, apparently by hackers based out of China.
Jaikumar Vijayan covers data security and privacy issues, financial services security and e-voting for Computerworld. Follow Jaikumar on Twitter at @jaivijayan, or subscribe to Jaikumar's RSS feed. His e-mail address is firstname.lastname@example.org.