Malware openly available in China, researchers say
Developers sell subscription programs, upgrade services for hacking
Computerworld - LAS VEGAS -- China's rapid emergence as a hotspot for criminal hacking activities is enabled by the open and unfettered availability of sophisticated hacking tools, according to security researchers attending the Black Hat conference here this week.
Many of the hacking tools are inexpensive, highly customizable, and easy to use.
Most of the early users of the malware products have sought to steal from online gaming accounts inside China. But now experts are seeing much broader use of such tools.
Hackers in China are developing malicious software "almost like a commercial product," said Val Smith, founder of Attack Research, a Los Alamos, N.M.-based security firm. The products come complete with version numbers, product advertising, end-user license agreements and 24-hour support services, he said.
They are "rapidly deploying very easy to use tools for cutting edge exploits," Smith said at a Black Hat presentation on Wednesday. "Their community is huge because [the malware] is easy to use," while at the same time many of the exploits are very advanced, he added.
Unlike in the U.S., the buying and selling of hacker tools in China takes place mostly in the open, said Anthony Lai, a security researcher with Valkyrie-X Security Research Group (VXRL), a Hong Kong-based non-profit firm. Often, all that's required to find and purchase a malware program is the ability to use a browser and search engine, he said during a talk at Black Hat.
Most of those selling malware products make little effort to conceal their activities. In fact, many openly advertise their wares and their capabilities through search engines like Baidu.com, he said. Customers can buy the malware they need for less than $20 or sign up as subscribed members and get regularly updated supplies of the tools, Lai said.
The hacking tools run the gamut and are often designed for off-the-shelf use. Many offer exploit generators that allow more sophisticated hackers to carefully customize malware for specific needs by using graphical user interfaces, Lai said. The GUIs let wannabe hackers specify what they want the program to do, for instance, whether they want it to steal data, capture screens, log keystrokes, remotely control a system or undertake any other task.
Some check boxes let malware purchasers decide what kind of obfuscation and hiding methods they want to use to evade detection by security tools, while others walk them through the deployment and updating process, Lai said.
It's not unusual for those selling malware programs to let buyers first test out the products before buying them and to offer regular product updates and phone numbers to call for support services. Statistical tools are also available to help buyers keep track of the systems they have infected.
China's hacking abilities have received increasing scrutiny following Google's disclosure earlier this year that its servers had been hacked, apparently by hackers based out of China.
Jaikumar Vijayan covers data security and privacy issues, financial services security and e-voting for Computerworld. Follow Jaikumar on Twitter at @jaivijayan, or subscribe to Jaikumar's RSS feed. His e-mail address is firstname.lastname@example.org.