Illegal Activities Endure on China’s Dark Web Despite Strict Internet Control

Illegal Activities Endure on China’s Dark Web Despite Strict Internet Control

insikt-logo-blog.png
Note de la rédaction : Le message suivant est un extrait d'un rapport complet. Pour lire l'analyse complète, click here to download the report as a PDF.

This report analyzes the structure of internet sources used by Chinese-speaking threat actors to facilitate cybercriminal activities, specifically Chinese-language dark web sources, clearnet hacking forums and blogs, instant messaging platforms, and well-established criminal sources. This report aims to provide a general understanding of the Chinese-speaking cybercriminal landscape and the threat it presents under the context of its distinct cultural, political, and legal characteristics. Findings in this report include results from the Recorded Future Platform® and dark web and open sources.

Executive Summary

Chinese-language dark web sources are predominantly driven by financially motivated cybercriminals operating on marketplaces. Due to the government’s low tolerance of cybercrime and frequent crackdowns, maintaining good operational security and anonymity is essential for these cybercriminals. Although there is a wide variety of offerings in the Chinese-language dark web marketplaces, they are generally dominated by leaked data and virtual goods, which are easy to buy and sell while remaining anonymous. For the same reason, Bitcoin is the dominant currency on these marketplaces, and the marketplaces are generally integrated with messaging platforms, particularly Telegram. Due to constant law enforcement actions, lower-tier marketplaces commonly shut down and reopen; some of the more experienced threat actors are possibly migrating to international, well-established dark web sources to conduct business. The Chinese-speaking cybercriminal underground will almost certainly find ways to survive and thrive despite government crackdowns, however.

Key Judgments

Note de la rédaction : Cet article est un extrait d'un rapport complet. Pour lire l'analyse complète, click here to download the report as a PDF.