
Black SEO offered to cyber-criminals

Chinese hackers are offering a new service. According to a new report by one of Trend Micro's threat researchers, Lion Gu, the eastern criminal syndicates so prolific in the world of cyber-crime have started to offer SEO services to those touting malware apps on none other than Apple's App Store.

That cyber-criminals can offer so-called ‘black SEO’ for this purpose implies that the search rankings for particular apps can be manipulated. Infected apps on the tech giant's app store are not uncommon either.

The App Store, Apple's distribution platform for mobile applications, has nearly 1.5 million apps sold on it and remains one of the main platforms for downloading mobile applications.

To sell an application on the store, the vendor's product must undergo review by the company. While Apple has rejected porn, newspaper apps and even one that notified users whenever an American drone hit a target, there have been notable cases of applications with built-in malware making it through the review process. Apple eventually had to remove 40 applications infected with malware, including popular instant messaging and ride sharing apps, from its app store in China earlier this year. The culprit apps were built with something called XcodeGhost, which could phish user credentials without their knowledge.

In fact, perhaps as a measure of the services' popularity, the report notes that prices have gone up since 2013. A boost into the top 25 free apps list of the store cost £2,259 in 2013, but these days the price has more than doubled to nearly £5,000. The price of entry into the top paid apps list, on the other hand, has gone down. Just two years ago, it cost £6,500 to get into the top five paid apps list, and now it costs less than half of that.

Other services offered include scanned fake documents for £3, social engineering toolkits for £33, Weibo (a popular Chinese social media platform) popularity boosters denominated in comments and followers, and spamming services.

The report also highlights a couple of other startling products in the Chinese cyber-crime scene, including the sale of Point of Sale (PoS) systems infected with ‘skimming’ devices. These devices, once bought from the online cyber-mall, are supposedly sold on to legitimate Chinese businesses with the intent of hijacking the financial details of every card that passes through them. Sold for just over £500, some of the PoS ‘skimmers’ even come with SMS notification features, telling the miscreants when yet another card's info has been taken. The report notes that just this August, investigators found a small company hawking these skimmers that had made off with £157,204.

Gu says that underpinning much of this illicit trade is bulletproof hosting, underweb slang for a provider that will host just about anything. The trade in malware and hacking services thrives off providers looking the other way as to what their tenants get up to.
