Chinese Hackers Leverage World-Cup Buzz

On May 14th we brought you a report regarding hacktivists threatening to wage cyber attacks against the Brazilian government and FIFA. This time, we are publishing yet another World-Cup-related post, but from a slightly different angle.

China, the world’s most populous country, is also the world’s leader in terms of number of cellphone users. The smartphone revolution did not skip China, and oh boy did it make an impact! Chinese people love their phones. No, Chinese people are obsessed with their phones might be a more precise choice of words.

As you probably know, Chinese cities are not small (quite an understatement!), and commute time has to be killed somehow. That’s why riding the subway in China, except for being overwhelmingly crowded at times, is also just the perfect timing for many passengers to indulge in intensive game-playing! While some prefer to fiercely ride a digital motorcycle, shoot intruding aliens, or grow vegetables in a farm, others have a liking for sports games, perhaps as a compensation for rotting in front of a computer desk all-day-long. The latter will inevitably come across a bundle of World-Cup related game apps available on all application markets.

Image

World-Cup is a buzz-word, no doubt about it, and as such, it attracts not only the gamers’ attention, but the hackers’ as well, and the Chinese hackers know their onions, all right. They leverage the buzz and try to con unwary mobile users into downloading and installing infected apps. The hackers use the “repacking” method – they download a legit and innocent game app, plant a malicious code within it, and upload it once again to the app market, or to a forum. The compromised app looks just the same – it has the same icon, its name is almost identical, and the user has virtually no way of noticing any abnormality after having it installed.

Actually, this is not the first time we see this method being practiced – Chinese hackers use just the same mischief whenever a national holiday is being celebrated, a major event (be it national or international) takes place, or just when some application garners a lot of popularity.

There is a famous story in China about a farmer in the Spring and Autumn Period (approx. 771 to 476 BC) who was working in the fields, when a rabbit was running by and suddenly dashed into a tree stump. The joyful farmer brought the dead rabbit home and cooked it for dinner exclaiming that there is no need for him to work any longer, as he can simply sit by that stump and wait for more rabbits to knock dead into it. This story gave birth to the idiom 守株待兔(literally “to watch the stump and wait for rabbits”) meaning “to trust chance and luck rather than go working”. The Chinese hackers who use this “repacking” method are just modern lazy farmers, patiently awaiting unlucky mobile-users to fall prey to their hands.

Even though this post is China-focused, it is important for you to bear in mind that this “repacking” method can be easily implemented anywhere. We urge you to download applications only from official sites and app-markets, and to install an antivirus on your mobile device.

Don’t be a rabbit!

And with all that being said, we wish safe-gaming to all World-Cup enthusiasts, and good luck to all participating countries!


Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s