An uptick in data breach and ransomware-related darknet sites in China suggests cyber crime has been profitable among its participants in the nation, and several operations appear to be expanding.
Chinese darknet sites are being blamed for fueling the rise of a data breach epidemic in which billions of data records are now being stolen on an annual basis.
According to information security service providers at CNSecurity, several Mandarin language sites on the dark web have been discovered hosting hacker wanted ads, suggesting plans for further data breaches and ransomware attacks. The sites name international companies as targets and specify language requirements, of which Korean and Japanese tend to be the most popular.
China has long been known as the source for several famous ransomware attacks, and home to a well-established cyber criminal underground that capitalizes off data breaches in a surprising number of ways.
An in-depth breakdown of this particular criminal network, published by cyber intelligence experts at Intel471, details the several levels and connections between the various players. Data is initially obtained by a hacker or insider, repackaged for salability, sold to middlemen who place it for sale on darknet markets. The information is then purchased by scammers who use it to threaten, ransom, blackmail or extort their victims. Everyone involved is entitled to a cut of the resulting profits.
Diagram explaining how money is made off sales of data. Source: Intel471.com
In China, where the country’s ‘Great Firewall’ blocks access to thousands of websites, cyber criminals employ a secret system of communication within the framework of the country’s limited internet availability. Sometimes this involves conducting business on state-sponsored social media platforms in such a way that buyers and sellers of stolen data can remain undetected by government agencies.
In Sept. 2020, it was reported that the Chinese Communist Party (CCP) was spying on millions of people around the world through harvesting information about them from the dark web.
Use of the Tor browser has been unofficially banned in China and the government has attempted to block Tor use by its citizens for over a decade. Despite these attempts, thousands of Chinese continue to access the Tor network each day.