Lion Gu, a senior threat researcher with Trend Micro, has published a research paper on the Chinese mobile cybercriminal underground market. The report analyzes SMS spam services and other similar products being put up for sale on the underground market in China.
The underground offerings analyzed by Gu include premium service abusers, SMS forwarders, iMessage spamming services and software, SMS spamming services and devices, app rank-boosting services, and phone number scanning services.
Premium service abusers are very common. They represent one of the favorite methods used by cybercriminals to make a quick profit. These threats are designed to subscribe victims to premium SMS services without their knowledge.
Normally, when users subscribe to such services they receive an SMS to alert them. To make sure they don’t raise any suspicion, SMS Trojans are designed to intercept and delete the confirmation messages.
SMS forwarders are also dangerous because they’re designed to intercept text messages received by users and forward them to the cybercriminals. This could be very problematic, particularly because many users receive authentication on verification codes on their mobile phones.
These codes could allow the attackers to access online banking accounts and other services.
SMS spamming services and even SMS spamming devices are being offered on the Chinese underground market. For instance, GSM modems are used to send and receive text messages with multiple SIM cards. A 16-slot GSM modem can be used to send out close to 1,000 SMSs per hour.
And if 1,000 messages per hour are not enough, spammers can use Internet short message gateways. If they want to make spam texts appear as if they’re coming from special numbers to trick victims into believing they’re real, they can use SMS servers. A complete SMS server kit costs around $7,400 (€5,400).
Cybercriminals who want to target Apple customers can rely on iMessage spamming services and software that enable them to send messages to iPhone, iPad, iPod and Mac users. Such solutions are usually cheap. It costs $16 (€11.6) to send out 1,000 text messages.
However, in order to send out SMS spam, cybercriminals need phone numbers. To make sure they send texts only to real numbers, they use phone number scanning services. For 100,000 valid numbers spammers have to pay only $16 (€11.6). For $160 (€116) they can buy 3 million phone numbers.
The complete report, titled The Mobile Cybercriminal Underground Market in China, is available on Trend Micro’s website.