
Study sheds light on how Chinese hackers compromise computers for fun and profit

Anyone who works or plays online loathes hackers and other thieves who are out to steal information from you and about you. While some of the theft is relatively harmless, some malware is out to cause serious harm to computers and network systems.

Recently, DailyTech reported on the teen botnet mastermind who was arrested for stealing information from infected systems. A report published this week gives us some insight into the underground hacking economy on the Chinese Internet. Authors of the report, titled “Studying Malicious Websites and the Underground Economy on the Chinese Web”, include Jianwei Zhuge, Thorsten Holz, Chengyu Song, Jinpeng Guo, Xinhui Han, and Wei Zou. The study authors hail from the Peking University Institute of Computer Science and Technology in Beijing, China, and the University of Mannheim Laboratory for Dependable Distributed Systems in Mannheim, Germany.

In all, the study claims that 1.49% of Chinese websites have malicious content within them. The study measured 145,000 of the most commonly visited Chinese websites and found that 2,149 of them contained malicious content. Each time a visitor whose browser or applications had certain software vulnerabilities visited one of these websites, the machine was compromised and some sort of malware was installed without the user's knowledge. This kind of attack is known as a drive-by download attack, and the malware is typically a Trojan of some sort that harvests information and sends it to the attacker.

The study describes what it calls actors from the underground economy. The first actor is the Virus Writer, who has a certain degree of technical background allowing them to program viruses and zero-day exploits. The study says virus writers are driven by profit. On the underground market, virus writers typically earn around the equivalent of $1.34 USD for the sale of Trojans they write.

A website master/cracker is the next player, who attracts web traffic to a site with free goods like music or applications. These webmasters/crackers then sell the traffic to “envelope stealers” for around 40-60 RMB ($4-$8 USD) per 10,000 visits. The envelope stealers attempt to harvest username and password combos for given sites, like online games. These envelope stealers then sell the harvested information to virtual asset stealers for tens of RMB, or around $1.35 USD. These players also sell access to infected computers for pennies to about $1.35 USD.

Virtual asset stealers buy the username and password combos from envelope sellers and then gain access to accounts in popular online games, where they steal game assets like weapons and coins to sell for real-world profits. What the study calls one QQ coin sells for about $0.70 USD. The final piece of the underground economy is the players who buy the stolen game goods. The study says these players are most often teenage males very into online games who spend their parents’ money.



Comments

The programmer gets paid what?
By tpurves on 12/6/2007 10:01:50 AM , Rating: 2
Hold the phone, Chinese programmers skilled enough to write zero day exploits get paid $1.43?




RE: The programmer gets paid what?
By DigitalFreak on 12/6/07, Rating: -1
RE: The programmer gets paid what?
By bangmal on 12/6/2007 4:51:52 PM , Rating: 2
If that is what you believe, I feel sorry for the woman who gave birth to you.


By clairvoyant129 on 12/6/2007 11:44:37 PM , Rating: 2
Last time I checked, GDP per capita is about ~$7000 in China. I can assure you that the cost of living in China is a lot cheaper than any Western countries.

What do those 13 year old factory girls get paid in a month? $50?


RE: The programmer gets paid what?
By PAPutzback on 12/6/2007 10:18:40 AM , Rating: 2
Well a bowl of rice costs a quarter compared to a #3 at McDs being 5.85.

Not to mention selling thousands of exploits adds up.
Then when the spyware programs get the update to beat the exploit they get to alter the code and get paid again.


RE: The programmer gets paid what?
By Lifted on 12/6/2007 2:20:00 PM , Rating: 2
3 meals/bowls of rice per day, at 1,000 calories of rice each day, is closer to 3 cents per meal (or bowl). So $1.43 could feed a family of 4 (just the rice portion) for 4 days, or a single person for over 2 weeks. This is assuming 1/2 their calorie intake is rice.

BTW, is there a reason the author is following $1.43 or whatever amount by "USD" every time? Doesn't the dollar sign make that clear?


RE: The programmer gets paid what?
By serouscipher on 12/6/2007 3:36:40 PM , Rating: 1
Well just shows your sheer ignorance but there are other countries that also use dollar ($) as a symbol, like the Australian dollar. So in that respect the author is making sure that the readers do not misunderstand what he is trying to convey and in the process sue him in some manner like Americans do at the drop of a hat!!


RE: The programmer gets paid what?
By Lifted on 12/6/07, Rating: 0
By serouscipher on 12/10/2007 3:20:19 PM , Rating: 2
Exactly... media has to mention it everywhere cause some stupid dumbass will misconstrue the $ where it was not mentioned USD and think it's the other dollar, go ahead and post a comment, get sued and in turn sue dailytech for this article being responsible... hence 'EVERY TIME'..and therein lies your ignorance


RE: The programmer gets paid what?
By bangmal on 12/6/2007 5:01:38 PM , Rating: 5
LOL. That is why the people around the globe call, "stupid American". Your ignorance really made me laugh.

If you use the price of rice to calculate the cost of feeding for the Chinese family, you can get a similar but cheaper cost of living using the price of wheat or corn for the lovely American dudes.

Please, it might be hard for you, but try to use your brain a little and learn a little more about the world.


RE: The programmer gets paid what?
By Lifted on 12/6/2007 5:43:24 PM , Rating: 3
quote:
If you use the price of rice to calculate the cost of feeding for the Chinese family, you can get a similar but cheaper cost of living using the price of wheat or corn for the lovely American dudes.


So you are telling us that people in the US can eat for less than those in China?

You do realize that I was replying to

quote:
Well a bowl of rice costs a quarter compared to a #3 at McDs being 5.85.


I'm not sure what makes me stupid or ignorant with regards to that as you haven't refuted the numbers I came up with.

Please explain.

quote:
Please, it might be hard for you, but try to use your brain a little and learn a little more about the world.


Living in Asia now, I can only go by what my eyes and ears tell me, and that is that most Asians consume rice and noodles (some of which are made from rice) as a large percentage of their caloric intake.

?????????


RE: The programmer gets paid what?
By Runiteshark on 12/6/2007 11:09:50 AM , Rating: 2
I don't really believe it. Think about it this way, there are much better ways to make money with the 0day than just selling it to some joker for $1.43 (depending on the type of exploit).

If it was yet another netbios exploit or something to that effect, they could make quite a bit more by slapping that on a decent bot and using it to farm info. (which they could then sell as well)


RE: The programmer gets paid what?
By Clauzii on 12/6/2007 1:46:30 PM , Rating: 1
Oh, You mean the American Way :o


Just remember.....
By bighairycamel on 12/6/2007 9:30:02 AM , Rating: 2
Firewalls and anti-virus programs are our friends!




RE: Just remember.....
By Drexial on 12/6/2007 10:00:19 AM , Rating: 3
Yeah, not always. Yesterday I had to deal with a virus at work just like this that latched onto IE. We set up a test machine with it and no scanner found it. It took us two days before me and a coworker finally figured it out and had to manually remove it. After we removed it I did a search for the file name it embedded and only 4 search returns came up on a virus that was attacking companies for 3 days.

It would sit there logging IE activity and IP addresses, then once IE closed, it would spam this IP with the log file of all the passwords and sites visited. We're lucky we got it before anyone went anywhere.

Though it was amusing, the e-mail was a bogus complaint filed by Harry Johnson.... classic.


RE: Just remember.....
By Drexial on 12/6/2007 10:01:21 AM , Rating: 2
man i need to use that preview feature......


RE: Just remember.....
By murphyslabrat on 12/6/2007 1:15:23 PM , Rating: 2
Man, and you never even noticed the real virus: Internet Explorer.


RE: Just remember.....
By bighairycamel on 12/6/2007 11:31:17 AM , Rating: 2
Yes I know I am generalizing and there are always exceptions, but any good firewall will warn you when an IP is trying to gather information or retrieve already gathered info. From the story it sounds as though most of this malware that was found would have been blocked by a firewall from being able to report back to an IP. Security vulnerabilities in the browser may not keep it from being installed to your PC, but the firewall should make it practically useless with no host connection.


RE: Just remember.....
By Screwballl on 12/6/2007 12:00:26 PM , Rating: 2
Avira, Comodo, Spyware Terminator and a-squared
Your 4 best friends on a computer and they are all free.


RE: Just remember.....
By excrucio on 12/6/2007 8:20:59 PM , Rating: 2
I was attacked by a virus under the name of SIGN.exe; it took me a week to get rid of it. I only got rid of it because it was running under IEXPLORER.exe, which is the IE process name.

Luckily when I closed the virus from process I lagged and my computer spiked the real name of the pooper before changing to IEXPLORER.exe

It was under the SYSTEM folder.

I had 2 antiviruses and 3 anti-spyware. Some of these puppies are hard to get.


So like...
By NullSubroutine on 12/6/2007 9:08:11 AM , Rating: 2
So is it really like on Command and Conquer Generals?




RE: So like...
By Amiga500 on 12/6/2007 9:12:54 AM , Rating: 2
Yeah - we need to build more patriot sites


RE: So like...
By Polynikes on 12/6/2007 12:34:17 PM , Rating: 2
I advocate invasion. Let's steamroll them with tanks.


RE: So like...
By murphyslabrat on 12/6/2007 1:26:30 PM , Rating: 2
They already tried that themselves, can you say Tiananmen?

Well, that takes care of any Chinese hackers knowing that we know about them. ^^j


Very entertaining
By bangmal on 12/6/2007 5:24:13 PM , Rating: 2
It looks like this article is making some numbers up to give the fellow American people some hallucinations of superiority?

Last time I read, the virus programmers are making about 200k RMB, about 30K USD per month, on average. Every year these hackers profit billions of dollars, based on the very conservative estimates.

It is really funny, yet sad to see those Americans are reduced to a level that they have to imagine something up to boost their self-esteem, *OH save the poor China*




RE: Very entertaining
By excrucio on 12/6/2007 8:30:07 PM , Rating: 2
Stupidity or Ignorance

You pick, and no they are not the same.


RE: Very entertaining
By clairvoyant129 on 12/6/2007 11:49:43 PM , Rating: 2
And where did you read that? Pulling numbers out of your Commie ass?

Btw, I'm not American.:)


Ah, you read that wrong
By tpurves on 12/6/2007 10:13:01 AM , Rating: 3
What the report actually says is "We searched within the underground black market and found the following prices for typical “services” within this market: the market price of a Trojan is between tens to thousands Renminbi (RMB), and a package of 0-day powerful Trojan generator and evasion service can be up to several ten thousands RMB. 10 RMB is as of November 2007 equivalent to $1.34 US dollar. This means that such software has a certain value and Virus Writers have the incentive to invest time and knowledge into this area."

So one copy of some old hacker script might be tens of RMB (a few USD) ranging to tens of thousands of RMB (= thousands of USD) for a sophisticated zero day exploit.

that sounds more realistic.




Trap
By Trisagion on 12/6/2007 10:06:39 AM , Rating: 2
Bring out the Chinese Finger... er, Hacker Traps!




1.34 per trojan
By offhand on 12/6/2007 2:04:16 PM , Rating: 2
Actually the OP has misquoted the report. The report states:

the market price of a Trojan is between tens to thousands Renminbi (RMB), and a package of 0-day powerful Trojan generator and evasion service can be up to several ten thousands RMB. 10 RMB is as of November 2007 equivalent to $1.34 US dollar.

So they are making a lot more than $1.34 per trojan.




Related Articles
Teen Botnet Mastermind Arrested
December 1, 2007, 4:01 AM

Copyright 2014 DailyTech LLC.