Profit drives flood of Chinese malware

New malware attacks are emerging from China almost daily, as malicious hackers discover increasingly sophisticated methods of generating profit from viruses and trojans, security professionals say.

Based on past cyclic behavior, researchers at US-based FaceTime Communications believe attacks will rise to a peak during the next two months, before falling off slightly during the summer. The company did not offer an explanation for the origin of these cycles, although other researchers have linked the quieter periods to university and high school vacation times.

"In the last three to four months, there has been a steady increase in Chinese malware. It has gone beyond the odd file every now and then to finding something new almost every day," said Chris Boyd,  FaceTime's director of malware research. "Symfly, the recent Trojan that may have tampered with Web traffic rankings for several Chinese Web sites, is evidence that clever hackers across the globe are realizing the potential to make money from unauthorized installations. Previously, security professionals have not had as much interaction with Chinese infections beyond crude and basic forms of attack – this is a new frontier."

The Panda worm which struck earlier this year stole online game account passwords. Valuable game items and gold were exchanged for real world cash through online auctions and other channels. The accounts were then sold to 'gold farmers', who used them to generate more income.

The Panda worm's Chinese programmer made at least $20,000 before being arrested. One of his business partners bought a new Jeep with the proceeds, and reportedly described malware as an 'easier source of income than real estate'.

FaceTime has measured a 6 percent increase this quarter in attacks targeting users of popular instant messaging and file sharing networks, including IRC (internet relay chat). Private and corporate networks are also increasingly being targeted, FaceTime claims – the company specializes in managing and protecting these kinds of networks.

More details at FaceTime.