Priya Patel“`html
TLDR:
- Chinese hackers have been using various tools and tactics for data exfiltration and selling on the black market.
- They employ methods like SMS hijacking, smishing, software development kits, and penetration testing tools to gather personally identifiable data.
Over the years, several reports associated with cybercriminals have been based in Russia and Western countries. This is due to the fact that many sophisticated cyber attacks and data leaks originate from these regions. However, there has been major blindness towards the growing threat actor community from China. Chinese underground hackers have made a significant place in Telegram and Twitter for illegally advertising large amounts of PII data obtained through various methods like malicious software development kits, deep packet inspection, penetration services, insider access, and counterfeit mobile applications.
According to the reports, the Chinese hackers have been estimated to have a significant presence in the black market data realm. They use Telegram to advertise their services, bypassing surveillance from their country, and employ methods like SMS hijacking and DPI for data exfiltration. These threat actors gather personally identifiable data from victims using various tactics and even sell financial data like CVV/POS in their data leaks.
The Chinese hackers have created their own repositories of leaked PII data, separate from Chinese APT actors. They wait for some time after selling data before uploading it to these repositories. The article emphasizes the importance of understanding the tactics and tools used by Chinese hackers in the cyber threat landscape.
“`
