Two years ago, the Chinese cyber-crime underground was a thriving and productive economy with compromised hosts, DDoS attack tools and remote access trojans (RATs) being offered. Cyber-criminals abused the instant messaging app, QQ, in order to communicate with their peers.
Peddled wares were discovered to target not only PCs, but mobile devices as well. Most wares found were designed to target citizens of China. However, Americans, Europeans and the Japanese may also experience financial losses since credit card dumps containing personally identifiable information (PII) and credit card credentials of citizens from their countries are sold in the Chinese underground, too.
The Chinese cyber-crime underground is booming more than ever. Data is being traded with prototypes and new working hardware, such as point-of-sale (PoS) and automated teller machine (ATM) skimmers. Social engineering toolkits, such as Social Engineering Master, have been added to offerings in the market this year.
Trend Micro researchers expect to see more activity on the cyber-criminal front using new offerings from the market such as leaked data search engines. It's possible for cyber-criminals to commit a number of crimes such as financial fraud, identity and intellectual property theft, espionage and extortion with data leaks in the underground.
With the recent series of data breaches, a surplus of data dumps is for sale in the underground market. PayPal, Uber accounts and poker can now also be found in the leaked data search engines for the first time in the Chinese (and other) underground markets.
With the adoption of electronic and mobile payment, researchers also discovered that carding devices have become popular on the Chinese underground market. The use of cash transactions has slowly dwindled in recent years. Driven by a growth of internet and mobile use, China is expected to register a 27 percent increase in non-cash payments.
Various websites sell PoS, ATM and credit card pocket skimmers. The devices remove data from payment card magnetic strips to carry out bank fraud and theft as well as store and track data.
Trend Micro's paper, Prototype Nation: The Chinese Cyber-Criminal Underground in 2015 takes a closer look and contains a detailed list of products and services on the Chinese underground market.