LinuxSecurity.com
Share your story
The central voice for Linux and Open Source security news
Home News Topics Advisories HOWTOs Features Newsletters About Register

Welcome!
Sign up!
EnGarde Community
Login
Polls
What is the most important Linux security technology?
 
Advisories
Community
Linux Events
Linux User Groups
Link to Us
Security Center
Book Reviews
Security Dictionary
Security Tips
SELinux
White Papers
Featured Blogs
All About Linux
DanWalsh LiveJournal
Securitydistro
Latest Newsletters
Linux Security Week: September 22nd, 2014
Linux Advisory Watch: September 19th, 2014
Subscribe
LinuxSecurity Newsletters
E-mail:
Choose Lists:
About our Newsletters
RSS Feeds
Get the LinuxSecurity news you want faster with RSS
Powered By

  
Demystifying the Chinese Hacking Industry: Earning 6 Million a Night Print E-mail
User Rating:      How can I rate this item?
Source: www.helioslab.org - Posted by Administrator   
Features An Interview with a Member of the Chown Group (COG) about the billion dollar hacking business in China "My friend earned 6 million Yuan a night by socalled Shuaku or data server intrusion, and he bought a racing car the next day to show up in front of us", said Liwrml, one of the initiators of China's first hacker organization named Green Regiment.

According to Liwrml, Shuaku is among the coolest hacking technologies, and is also among the topmost hacking industries as well. "Although I admit that every body is envious in heart, but I will never do like that, for people shall maintain the moral bottom line", he added.

Liwrml also disclosed that the Chinese hacking industry was worth more than 10 billion Yuan RMB, and driven by the money desire, the Chinese Internet is challenged with the possibility of out of control.

In 2008, Chinese hackers found that hacking was a profitable business, and since then, they started to do non-core business, the socalled Black Industry Chains. Before that, their activities were centered around IT technology sharing.At that time, people who are not respected in the society, found themselves like God in the Internet, doing whatever they wanted and then also started with the socalled Black Industry. The booming period of this business was between 2004 and 2005, when there was no regulations. But now the majority have already retreated from doing that because they have earned enough already.

The Chinese hackers can be divided into three classes: the black hackers doing Black Business, the grey hackers for grey industry and the white hackers with government background.

The Grey Industry is not the same as the Black Industry, in that the former is making middleware, or the socalled gangster software. This type of software is embedded into the computer memory and is a sort of forced advertisement. This kind of advertisement module can be sold at RMB 80 per piece. One well-known media playing software once earned RMB 600 000 a day of playing, while another software company started up with pirating Windows operation system has sucked in a 7-digit Yuan income in its first month of operation, which was even unexpected by the boss of the company himself.

But there are still differences between Grey Hackers and Black Hackers, with the later doing things in direct violations of laws. The most notorious example is the "Big Miss" Trojan code decrypted in 2008.

The "Big Miss" hacker system has managed a strict franchising system, from the general gold agent to general regional agent. During the making of Trojan codes, there were again job organization. For example, a big trojan code has 12 smaller trojans, each of them is able to bypass the active protection of the game software operators. The makers of trojans earn one part, the sellers the other part and yet the account stealer also some parts.

Insiders of the hacking industry called stealing of accounts "Envelop". At the best time each "envelop" can be sold at 100 Yuan, and it was as easy as a game to earn more than 100 000 a night. Once the stealing is finished, next came the "envelop washing or cleansing", that is, to load the device of the stolen accounts into the small accounts, and then cleaned up the unlawful money through the underground bank systems. There is flowing band operation.

The "prosperous" development of the hacking industry has put the Internet into virtually out of control. The power of the hackers, the inability of the security companies and the distorted market development, all have contributed to the booming of the hacking business.

It is popularly known that people in the security industry earn much less than those in the hacking business, although both of them own the same skills. This forces a considerable number of security professionals to turn to hacking business, or to do partime hacking job. According to an employee of a security company, about 1/3 to 1/4 of the security engineers are involved in the Black Industry. Their incomes out of this bybusiness are fluctuating very much, among them, the best can earn RMB 200 000 a month.

What's ironicly it that the hackers and the security companies have established a close relationship, as the continuously improved skills of the hackers are pushing the security industry to upgrade their own technologies in a battle to defend the Internet and computer systems.

There is also a general trend among the hackers the trends towards younger age. Much of the hackers are born after the nineties, and they have plenty of time either.

The author: Mr Chen Minghua, CEO of HeliosLab (www.helioslab.org) is a senior consultant in several major technology areas. He is an invited and frequent author of several online magazines and media.

Only registered users can write comments.
Please login or register.

Powered by AkoComment!

 
< Prev   Next >
    
Partner

 

Latest Features
Peter Smith Releases Linux Network Security Online
Securing a Linux Web Server
Password guessing with Medusa 2.0
Password guessing as an attack vector
Squid and Digest Authentication
Squid and Basic Authentication
Demystifying the Chinese Hacking Industry: Earning 6 Million a Night
Free Online security course (LearnSIA) - A Call for Help
What You Need to Know About Linux Rootkits
Review: A Practical Guide to Fedora and Red Hat Enterprise Linux - Fifth Edition
Yesterday's Edition
Snowden: New Zealand Is Spying, Too
DDoS attackers turn fire on ISPs and gaming servers
Partner Sponsor

Community | HOWTOs | Blogs | Features | Book Reviews | Networking
 Security Projects |  Latest News |  Newsletters |  SELinux |  Privacy |  Home
 Hardening |   About Us |   Advertise |   Legal Notice |   RSS |   Guardian Digital
(c)Copyright 2014 Guardian Digital, Inc. All rights reserved.