China Hit by Rise of Attacks

China sees a major increase in infections on file-sharing sites and more targeted, localized malware threats.

China-based hackers are sometimes accused of being behind major external attacks like the one on the U.S. Office of Personnel Management, as well as acts of corporate espionage. But China has worsening internal problems, too.

In September, a counterfeit copy of Apple’s Xcode software development tool was offered on a local file-sharing site, leading to infections on iPhone apps created with the fake tool. The hack, which ended up affecting more than 100 million mostly China-based iPhone users, was Apple’s biggest security breach to date.

A possibly even larger hack was an October attack on NetEase, one of the top social-media and news platforms in China. A hack of its 163.com e-mail system, which is still under investigation, potentially exposed the aliases, security questions and answers, passwords, and other data of hundreds of millions of primarily Chinese users.

Hong Jia, a cofounder of the China-based threat intelligence firm ThreatBook and former cybersecurity expert at Microsoft, says companies and individuals in China are beginning to wake up to the threat. “Enterprises [in China] know that someday they will get targeted and a whole company can be exposed by an attack,” Hong said in an interview at the Association of Anti-Virus Asia Researchers International Conference, held in December in Danang, Vietnam.

According to a survey by auditing firm PricewaterhouseCoopers, over the past year companies in China and Hong Kong saw around 1,245 attacks each on average, compared with 241 the year before. In addition to big hacks like the iPhone incident, Chinese companies have experienced a rapidly rising number of attacks that use so-called social engineering to trick individuals into clicking links that download malware onto the user’s computer. “The threats you see in China are really, really targeted,” Ingvar Froiland, director and general manager for the security company F-Secure, said in an interview at the Danang conference. Froiland said the threats are often language-specific or event-specific—such as targeted attacks during Chinese New Year and other holidays. He added that they also may be system- and application-specific: for example, they are sometimes launched through games that may not be used widely outside China, or through file-sharing sites accessed mainly by Chinese users.

At Chinese companies, attacks are rising sharply. And Chinese hackers are launching more internal attacks through local file-sharing sites and games used mainly within the country.

Chinese authorities even discovered a “hacking village” last year. In a mostly rural area bordering Vietnam, large numbers of people were involved in cybercrime, cyberfraud, and hacking, often using the popular QQ instant messaging software run by Tencent, one of the world’s biggest Internet companies.

At the Danang conference, Liu Zhao, an antimalware analyst at Tencent, said he has been finding increasing numbers of new tricks deployed by hackers in China, including malicious files masquerading as harmless icons attached to documents sent to specific victims. Real-world parent-teacher, school-student, or business-consumer relationships—often discovered from stolen e-mails—are sometimes used for extortion, he added.

To fight targeted attacks, Hong said, analysts are working on analyzing traffic flowing from computer addresses and domain names to find the source, such as the hacking village. “We can see … what person might be behind it,” Hong said. Adding to China’s woes is that citizens often do not add protections to their mobile devices. Worldwide, “awareness of threats to mobile devices is not there yet,” Froiland said.
