Saturday, April 9, 2016

WeChat has to deal with a large number of complaints and close many accounts because of fraud

WeChat is the most popular social network platform among Chinese across the world.

With such popularity, the platform has also attracted a lot of fraud activities. Criminals and malicious users are using WeChat to spread rumors, and to commit fraud.

In 2015, Tencent, the company who operates the WeChat platform, processed 8.5 million user complaints, and had to close hundreds of thousand accounts.

The most prevalent illegal activities on WeChat and other network platforms are:

- Fraud
- Gambling
- Drug/weapon dealing
- Blackmailing
- IP infringement

Today, many fraud activities are associated with fake job offers, porn services on the Internet, pay for participating in a lottery, red envelops, etc.

Source in Chinese: http://mp.weixin.qq.com/s?__biz=MjM5NjM4MDAxMg==&mid=405514250&idx=1&sn=99a252f096484325d2543ec7f0ce48ad&scene=5&srcid=0410cRDztJ3P4w2LiqcheA6t#rd

Wednesday, December 23, 2015

Data security risks rising for Chinese firms

Based on a study by PwC, Chinese companies tackled an average of 1245 information safety cases in 2015, a 517% year-on-year increase over last year.

Customer data, internal records, and intellectual property owned by energy, retail, technology, and engineering companies were the most targeted.

In addition, wider adoption of emerging IT solutions such as the Internet of Things increased the chances of data leakage, as more data are transmitted from portal devices and over wireless networks.

The survey also found that Internet security budgets for Chines companies neared $8 million in 2015, significantly higher than the global average of $5.1 million.

Online data leakage and damage cost China-based firms $2.63 million in 2015, a 10 percent jump over 2014. The amount is also higher than the global average of $2.55 million, because cyber-security incidents involving the cash-rich Chinese Internet companies usually entail high financial losses.

The results are based on a survey of more than 330 chief executives, financial officers, and IT professionals working in mainland China or Hong Kong. 

Wednesday, November 25, 2015

DDoS has become a big business in China


Based on a research published by Tencent Research Institute, in China, DDoS attacks now "employs" about 380,000 people in China, with more than 6000 hacking groups, and revenue to the north of RMB$10 billion ($1 = 6.39RMB as of Nov. 25, 2015).

Typical scenarios of a DDoS attack in China include:
- Business competition: one would hire these hackers to attach the website or IT system of a competitor.
- Blackmail: one would attack a business until some ransom money is paid.

People make money by:
- Sell DDoS tools
- Execute attacks
- Be the middle man.

(Source is in Chinese: http://mp.weixin.qq.com/s?__biz=MjM5OTE0ODA2MQ==&mid=400673180&idx=1&sn=ed89dbe28196c9fea6d9c05c466740af&scene=5&srcid=1125DUtCuEyO5DNOtemTqyAM#rd)

Tuesday, February 19, 2013

Software piracy, followed by hacking

China Mafia-Style Hack Attack Drives California Firm to Brink

"For three years, a group of hackers from China waged a relentless campaign of cyber harassment against Solid Oak Software Inc., Milburn’s family-owned, eight-person firm in Santa Barbara, California. The attack began less than two weeks after Milburn publicly accused China of appropriating his company’s parental filtering software, CYBERsitter, for a national Internet censoring project. And it ended shortly after he settled a $2.2 billion lawsuit against the Chinese government and a string of computer companies last April. "

Spear fishing, sabortage of email server, etc. were the tactics used by the attackers.

Saturday, February 16, 2013

The profile of a Chinese hacker

This article (http://www.businessweek.com/articles/2013-02-14/a-chinese-hackers-identity-unmasked#p1) describes the unearth of some details of a Chinese hacker who has spread malware to take over machines, which in turn would send information to servers this hack owns.

Case in point: a hacker also a real life. In the malware, the hacker uses his "pen names". But the email associated with the domain registration information for the servers he owns gave clue to researcher where to look further. Then researchers were able to find the email being used to register a company, and post in public forums about the car he owns.

It looks like in real life he is a teacher at the PLA Information Engineering University in Zhengzhou, Henan Province.


Friday, February 1, 2013

Both New York Times and Wall Street Journal claim to have been hacked by China

New York Times, for the article about Wen Jiabao's family accumulating massive wealth.

Wall Street Journal, for monitoring the newspaper's coverage of China.

Both claim that the hacking starting with their office or staff in China. This is similar to Google's claim that it was hacked, starting from its staff in China.

http://www.nytimes.com/2013/02/01/technology/wall-street-journal-reports-attack-by-china-hackers.html?_r=0

New book by Schmidt and Cohen views China as most dangerous

Eric Schmidt is former CEO of Google.

Jared Cohen used to work for the US State Department and is now the head of Google Ideas, the search giant’s think tank.

In their new book "The New Digital Age", they regards China as “the world’s most active and enthusiastic filterer of information” as well as “the most sophisticated and prolific” hacker of foreign companies. 

http://blogs.wsj.com/corporate-intelligence/2013/02/01/exclusive-eric-schmidt-unloads-on-china-in-new-book/