The Chinese Cybercriminal Underground in 2015

Discussion in 'Cyber' started by Admin, Nov 30, 2015.


  1. Admin

    Admin Captain Staff Member Administrator

    Prototype Nation: The Chinese Cybercriminal Underground in 2015
    Today, the Chinese underground is thriving more than ever. Previous explorations in the Chinese underground have indicated that cybercriminals are quick to adapt to technological advancements and existing trends as seen throughout 2015. Data (either leaked or stolen) are now being traded along with prototypes and new functional hardware, like point-of-sales (PoS) and automated teller machine (ATM) skimmers.

    Link to the full report, highly recommended.
    https://www.trendmicro.com/cloud-co...lligence/white-papers/wp-prototype-nation.pdf


    I might start only using cash :$100:
     
    Falcon and AMDR like this.
  2. T-123456

    T-123456 Captain Staff Member International Mod

    Where do you live, the address? :0-:
     
  3. Admin

    Admin Captain Staff Member Administrator

    Land of the free, home of the brave. :D
     
    Falcon and T-123456 like this.
  4. AMDR

    AMDR Captain Staff Member Administrator

    Insanity. I found this especially interesting:

    "Some of the PoS skimmers sold underground even have an SMS-notification feature. This allows cybercriminals to instantly get their hands on stolen data via SMS every time the tampered devices are used."

    :0o:
     
    Falcon likes this.
  5. Technofox

    Technofox That Norwegian girl Staff Member Ret. Military Developer

    Interestingly, one tech the US has been slow to adopt that we Europeans have dealt with for years, chip-and-pin credit cards, are still vulnerable, despite being seen as a more secure technology. Current malware, and one that's been affecting the US since 2013, is thought to be able to influence chip-and-pin systems too:

    A new kind of point-of-sale malware, which uses multiple layers of obfuscation and encryption to cover its tracks, has been identified by security researchers—and is being held up as the most complex software of its kind yet to be identified in the wild.

    Security researchers at iSight have identified the malware which they’ve dubbed ModPOS, short for Modular Point Of Sale. The software uses a wide range of tricks, such as key-logging, network monitoring and RAM scraping, to acquire the credentials of customers whose details pass through an electronic point-of-sale.

    The malware then uses a complex series of 128 bit and 256 bit encryption to obscure the data it uploads to remote servers. Each customer’s details are encrypted using a different private key, making it almost impossible to identify what data is being stolen.


    The researchers at iSight attempted to reverse engineer the software, and found it took three solid weeks of work. By comparison, it normally takes them about half an hour for most POS malware. Speaking to The Register, Steve Ward from iSight explained:

    “This is POS [point-of-sale] malware on steroids. We have been examining POS malware forever, for at least the last eight years and we have never seen the level of sophistication in terms of development …[engineers say] it is the most sophisticated framework they have ever put their hands on.”

    Sadly, the report also explains that the malware has been in use around the U.S. since 2013, and iSight predicts it’s already been used to steal details for “multiple millions” of debit and credit cards. So far, the researchers have briefed 80 different U.S. companies about the effects of ModPOS, though those affected haven’t been publicly named.

    While it’s thought the problems largely affect transactions performed by swiping a card’s magnetic strip, it’s believed that the more secure chip-and-pin system could also be vulnerable to the malware.

    Fortunately, banks are often able to spot nefarious activity on accounts using machine learning and big data—which is good, because there’s no way of knowing as a customer if a point-of-sale device is infected with malware.

    ...

    The bolded part is alarmist, and yet to be confirmed, but it does highlight a problem: that even the most secure payment technologies are still vulnerable to ever more sophisticated malware. Add retailer and bank reluctance to switch to newer payment methods, and the US is set for a lot more trouble.
     
    Falcon and AMDR like this.
  6. Falcon

    Falcon Major Staff Member Social Media Team

    A lot of people in the industry come off as alarmist because they don't want to be wrong and because technically everything is vulnerable. The problem is the way they say it, like it's the end of the world.

    What's amazing is how relatively cheap it is to acquire a large botnet.

    @Technofox Velkommen
     