Monday, December 10, 2007

Inside the Chinese Underground Economy

Here's a very detailed, and recently released event-study on Malicious Websites and Underground Economy on the Chinese Web, and this is how they assessed the high activity at the underground related forums :

"Unlike the US or EU blackhats communities, Chinese blackhats are typically not familiar with IRC (In-ternet Relay Chat). They typically use bulletin board systems on the Web or IM software like QQ tocommunicate with each other. Orthogonal to a study on the underground black market located within IRC networks, we measure the Chinese-specific underground black market on the Web. We focus onthe most important part located at, the largest bulletin board community in China. We crawled the portal and stored all posts and replies posted on some certain post bars which are all dedicated for the underground black market on this particular website. The post bars we examined include Traffic bar, Trojans bar, Web-based Trojans bar, Wangma bar (acronyms of Web-based Trojans inChinese), Box bar, Huigezi bar, Trojanized websites bar, and Envelopes bar."

What's the big picture on the Chinese IT Underground anyway? It's a very curious perspective next to China's economy self-awareness from a supplier of the parts that make up the products, to the independent manufacturer of them in real life. In cyberspace, the people driving the Chinese Underground tend to borrow malicious know-how from their Russian colleagues by localizing the most popular web malware exploitation kits such as Mpack and IcePack to Chinese, as well as benefiting from the proven capabilities of an open source DDoS-centered malware by also localizing it to Chinese and porting it to a Web interface. And so once they've localized the most effective attack approaches by making them even easier to use, the start adding new features and functionalities in between coming up with unique tools by themselves.

The bottom line - China's IT Underground is indirectly monitored and controlled by China's Communist Party, with the big thinkers realizing the potential for asymmetric warfare dominance as the foundation for economic espionage, and the largest cyberwarriors buildup in the face of people's information warfare armies driven by collectivism sentiments.

Here's a very interesting article detailing some of perspectives of the China Eagle Union, the Hacker Union of China, and the Red Hacker's Alliance :

"The Chinese red hackers have their own organizations and websites, such as the Hacker Union of China (, the China Eagle Union (, and the Red Hacker's Alliance ( The Hacker Union of China (HUC) was founded on December 31, 2000, and is the largest and earliest hacker group in China. It had 80,000 registered members at its peak, and reportedly has 20,000 members after regrouping in April 2005."

No comments:

Post a Comment