The Chinese Judicial Big Data Research Institute analyzed cybercrime in China and found that between 2017 and 2021, 40% of the country's cybercrimes involved some form of fraud. Most of these fraud cases involved fake loans, impersonation, and false recruitment (Wyk, 2022). A recent case combining false recruitment with a “Pig Butchering” scam (gaining someone’s trust under false pretenses to get them to put money into phony investments, then taking all of their money) (Olcott, 2022) involved the Chinese Mafia, who falsely recruited individuals from the Philippines under the guise of employment in call centers and offshore gaming operator jobs in Thailand. Instead, these individuals became victims of human trafficking: they were brought to Myanmar, where they were taught how to scam people around the world by establishing relationships through social media apps like Facebook and WhatsApp and the dating platform Tinder (Butts, 2022). They were instructed to target professionals and get them to invest in cryptocurrency apps that would take their money and give it to the Chinese Mafia. Failure to comply resulted in being deprived of food, being sold to another company, and threats to their lives (Butts, 2022). However, many other groups within China are far more active, and many of them target high-profile companies.
One of the most active Chinese hacking groups, named by the U.S. Department of Justice in 2020, is Double Dragon (also known as APT41, Barium, Winnti, Wicked Panda, Wicked Spider, TG-2633, Bronze Atlas, Red Kelpie, and Blackfly). The group is believed to be sponsored by the Chinese Communist Party (CCP) for espionage purposes while also moonlighting for its own financial gain. One operation it conducted compromised over 100 different companies (Carrega & Perez, 2020). Double Dragon has targeted over 14 countries, most notably the United States. Its activities include tracking incidents, compromising business supply chains, and collecting surveillance data. One of its most recent operations occurred in 2022, when it stole at least $20 million in U.S. COVID-19 relief aid (Carrega & Perez, 2020; Fitzpatrick & Ramgopal, 2022). Double Dragon uses a variety of techniques, including passive backdoors to access files (which are harder to detect than traditional backdoor access) and supply-chain compromises, in which the group injects code into legitimate files to compromise the system and gain access. Finally, the group often uses malware known as a bootkit (a variation of a rootkit that replaces the original program with a compromised one to gain access and is incredibly difficult to detect). These tools are often delivered through fake video games that give the group total access to a system (Fraser et al., 2019).