Malware Openly Available in China, Researchers Say
Researchers at the Black Hat conference this week said that China is becoming a hotspot for hacking activities at least partly de to easy access to malware tools.
Thu, July 29, 2010
Computerworld — LAS VEGAS -- China's rapid emergence as a hotspot for criminal hacking activities is enabled by the open and unfettered availability of sophisticated hacking tools, according to security researchers attending the Black Hat conference here this week.
Many of the hacking tools are inexpensive, highly customizable, and easy to use.
How to Fight Malware
A CIO's Guide to China
Most of the early users of the the malware products have sought to steal has been from from online gaming accounts inside China. But now experts are seeing much broader use of such tools.
Hackers in China are developing malicious software "almost like a commercial product", said Val Smith founder of Attack Research, a Los Alamos, N.M.-based security firm. The products come complete with version numbers, product advertising, end-user license agreements and 24-hour support services, he said.
They are "rapidly deploying very easy to use tools for cutting edge exploits," Smith said at a Black Hat presentation on Wednesday. "Their community is huge because [the malware] is easy to use," while at the same time many of the exploits are very advanced, he added.
Unlike in the U.S, the buying and selling of hacker tools in China takes place mostly in the open, said Anthony Lai, a security researcher with Valkyrie-X Security Research Group (VXRL) a Hong Kong based non-profit firm. Often, all that's required to find and purchase a malware program often is the ability to use a browser and search engine, he said during a talk at Black Hat.
Most of those selling malware products make little effort to conceal their activities. In fact, many openly advertise their wares and their capabilities through search engines like Baidu.com, he said. Customers can buy the malware they need for less than $20 or sign up as subscribed members and get regular updated supplies of the tools, Lai said.
The hacking tools run the gamut and are often designed for off-the-shelf use. Many offer exploit generators that allow more sophstocated hackers to carefully customize malware for specific needs by using graphical user interfaces, Lai said. The GUIs let wannabe hackers specify what they want the program to do, for instance, whether they want it to steal data, capture screens, log keystrokes, remotely control a system or undertake any other task.
Some check boxes lets malware purchasers decide what kind of obfuscation and hiding methods they want to use to evade detection by security tools, while others walk them through the deployment and updating process, Lai said.
- 5 Strange Ways iPhones Die: Insurer Hears it All
- Microsoft Plans Double-Sized Patch Tuesday Next Week
- Hotel Operator Warns of Data Breach
- NSF: Time for an Internet Do-Over
- 'Here You have' E-Mail Worm Spreads Quickly
- 'Here You have' E-Mail Worm Spreads Quickly
- Warrants May Be Needed for Cell Phone Data, Court Says
- Security Vendor Demonstrates Insider Attack on VMware ESX
- Smartphone Support Challenges Enterprise IT Teams
Delivered every other week, this newsletter features a comprehensive look at security from CIO.com.
