Most of the time when you read stories about the much reviled Chinese hacker it’s in the context of some cyberattack perpetrated on some website that has stupidly dared to hurt the feelings of the Chinese people. But really, what are Chinese hackers doing most of the time: well, duh, same thing everybody else is: trying to make some moolah.
But how much money we hear the anxious parents of deadbeat teenagers say. Well, we recently came across an article about a 17 year-old hacker that could make 50K RMB/month. And the hacker interviewed for that article claims that this is only an “average” amount. Hackers, the bulk of whom in China seem to be (based only on anecdotal evidence) between the ages of 17 and 35, work both as individuals and in “teams”, offshoots of their hacker societies and networks that have become increasingly commercialized and profit-oriented.
Some operate as individual getihu, using their reputation to take on various projects and generate multiple sources of income. Take Shanghai hackeress Yingcracker who not only cracks software for people but also makes money developing hacker software (which she then sells, ironically enough) as well as training courses for young and aspiring hackers. A 2-3 month course in Oday (some technical thing that helps you crack stuff) with her costs 4000 rmb in tuition and is, we surmise, a distance based online education. YIngcracker claims that she can pull 15k a month, though we don’t know of what statistical significance that figure is: is it an average, or all time record?
Of course, the bread and butter of hacking is attacking computers, breaking into company websites and personal emails. etc. We just read an article where a reporter goes “undercover” and asks hackers, who advertise all over the place, about the various services they offer. For example: breaking into a regular free email account costs 500 RMB but a VIP email account will cost you more.
Slightly higher on the value chain are large bundles of QQ accounts, which a lot of Chinese people us as their IM of choice and which is closely tied to both the real adn virtual Chinese economies. People sift through the high value ones and then bundle and sell off the remainder, and it so it goes, sold and resold, all the way down the chain.
Successful hacking requires more than Bruce Willis shouting at you or getting someone to give you head while you hack (yes we mean you, Hugh Jackman). You need resources, namely other computers. In Chinese hacker lingo, an unsuspecting computer that has been taken over by hackers is called a “rou ji” (meat chicken? is there an English equivalent or analog?) and once you get, say, 100,000 of these, you’ve got a veritable “zombie” army of computers ready to do your nefarious bidding. There are even some that are reputed to have over 300,000 computers at their beck and call. To “rent” 5000 of these zombies costs 5000 rmb each time. This business model has supposedly generated millions of RMB in hacker revenue per year. Of course, some of their major projects still involve attacking thousands of foreign websites, notably in the Japan and the US, and which, for most hackers, are much harder since they are generally more security conscious and better protected.
Finally, let’s not forget that this isn’t all about a grey economy populated by shadowy figures with code names: it’s all very Infernal Affairs like: you can’t always tell the good guys from the bad guys. Sometimes they switch roles: the security experts become hackers, and the hackers get hired as security experts. One of the founder of the “Red” hacker networks, one Li Yong, has worked as security consultant for several companies, while others have reputedly taken on similar contracts from investors both China and abroad.
Well, that’s it for now. By the way, have you considered running OS X or Linux as an alternative to Windows? Might want to consider it.