Wherever benefits can be reaped, money hungry people are sure to follow. As far as the lucrative domestic internet market goes, with each passing day more and more dubious people are swarming into the web market, joining an ever-expanding black market for “virus groups.”

Following the exposure of a name list of “China’s Top 10 Virus Groups”, the people behind names like “Huangfeihu” (黄飞虎); “Lao She” (老蛇) and “192” viruses, which are usually hidden deep in the virtual network of the internet, are now slowly starting to surface. “They don’t belong to a certain company; they just follow a company’s operations. They don’t have to go to work every day, but can still reap huge awards,” explained Li Tiejun, a safety expert working at Jinshan Wangluo. Many companies illegally earn several hundred million Yuan every year by being the first to spread a virus within the industry chain, according to Li.

“Because most companies set up their servers abroad and don’t directly invade other people’s websites or steal internet users’ assets, it’s very difficult for domestic public security organs to catch these cunning perpetrators.” But mainland industries are starting to call on judicial circles, demanding major improvements in dealing with virus related crimes. 

80% of the 10 major virus groups come from China

At present, China has over 30 active internet virus groups. “So-called virus groups refer to illegal organisations which produce and spread Trojan Horse viruses, thereby illegally earning money. Some virus groups make an annual income of several hundred million Yuan, as many small to medium sized industries don’t know how to protect themselves,” Li Tiejun explained.

The results of over one year of analysis by Jinshan Wangluo show that 80% of the channels for spreading computer viruses are controlled by ten major virus groups, including Huangfeiyu, HYC, HY, Lao She, 192 and many more. “These groups can’t be detected by the naked eye. On the contrary, they’re very abstract organizations, who constantly hide their whereabouts by changing servers or IP addresses. They don’t have official names; they just go by their original domain name registration info,” according to Li Tiejun. Li further pointed out that the competition is fierce, as Zhang Feng Group’s (张峰集团) fall from the number 4 position in 2009 to its current number 8 position clearly shows.

Stealing for a “Money Lord”

What sets virus groups apart from hackers, is that they don’t directly steal money. These groups usually whole-heartedly work for an overarching “money lord”. These “money lords” may be a legal website or even a well-known internet company.

According to Li Tiejun, virus groups rely on seven kinds of “weapons” for spreading viruses, including tampering with pop-up advertisements, creating website links on people’s desktops, changing the computer’s homepage or changing icons on the bookmarks bar. However, there’s only one goal for all these actions: trying to redirect a huge number of people to their sites.

According to estimates, for every one computer successfully infected with a virus, the culprits can earn around 2 RMB. And for all the user traffic successfully brought in by the virus, every thousand IPs create around 6 RMB in profits. According to statistics by Jinshan, the main virus groups can infect around 200,000 PCs a day, which means if one only calculates income from traffic alone, these groups can make around 200 million RMB per year.

Not so easy to bust

“We’ve already reported the crimes to public security organs and have recently been constantly cooperating with police investigations,” said Li. However, because of police demands, Jinshan Company are temporarily unable to reveal the progress of their fight against the perpetrators. “To be realistic, it is extremely difficult to destroy these groups. The virus group Huangfeihu for example, changed its IP address over 500 times within one year and is vigilant to the extreme. But what’s even more key in the situation is that many of these groups set up their servers abroad, hence making them impossible to trace,” Li Tiejun pointed out.

Moreover, figures from the judicial world have pointed out that it is quite difficult to pursue cases in which there is no clear evidence of direct property theft or invasion of other people’s websites. There is also no similar precedent to go by in China and there are also serious shortcomings in China’s judicial system, hence making progress in winning the fight against these criminals a slow and dragged out process.

Finally, one thing that’s also worth noting is that Jinshan’s report shows that these illegal groups are gradually starting to focus on the e-commerce industry. “Last year, over 43 billion RMB worth of transactions were made on Chinese e-commerce sites, giving these outlaws an unusually large playground for committing crimes. I hope that all the relevant departments begin to strengthen efforts to prevent and punish all those responsible,” Li Tiejun urged.

Source: gcpnews.com

Warning：The use of any news and articles published on eChinacities.com without written permission from eChinacities.com constitutes copyright infringement, and legal action can be taken.

Keywords: Virus groups China lucrative computer virus market China computer virus China