CLICK CLICK BOOM

来源 :汉语世界(The World of Chinese) | 被引量 : 0次 | 上传用户:yhbx
下载到本地 , 更方便阅读
声明 : 本文档内容版权归属内容提供方 , 如果您对本文有版权争议 , 可与客服联系进行内容授权或下架
论文部分内容阅读
  China’s status as malware haven has a risky message for all
  那些令人不勝其烦的垃圾信息究竟从何而来?
  面对恶意软件,我们又该如何应对?
  It’s usually a young woman, moving through the subway from person to person. Politely, she asks if commuters would like to sign up to her WeChat account. In this case, she explains it’s a small fashion boutique which will provide updates on the latest products, chosen herself, as part of her small business aspirations, with the updates sent to their smartphone via her WeChat feed. Most passengers wave her away. While at first glance her entreaty seems harmless enough and the personal nature of the advertising makes it seem friendlier than signing up to a mass-email newsletter, these Beijing commuters are generally wary of unsolicited approaches.
  A few may have read headlines that shed light on how the personal touch can sometimes make these accounts shadier than their “official account” counterparts. When the boutique operator gets a new WeChat contact, that person’s account information becomes visible and is worth money to advertisers who pay in bulk for WeChat accounts they can spam with offers.
  The boutique operator is likely just turning a buck with her clothes, but if she sells those WeChat IDs to third parties, she will, perhaps unwittingly, become yet another face of China’s electronic spam problem, and all those who signed up to her account could be in for some very risky friend requests.
  Spam meets Malware
  Most people who buy SIM cards in China have been unfortunate victims of spam—often their contact number was sold to spammers by the SIM card manufacturer or an intermediary long before the SIM card was purchased, thus they are doomed to receive unwanted advertising right from the beginning.
  But malware has taken advantage of spam’s natural, virus-like qualities.
  The Conficker Worm is the world’s most common form of malware, according to internet security giant Check Point, but a new creepy-crawly from China recently buzzed into the top ten rankings.
  Going by the name Hummingbad, Check Point’s report indicates it has made its way onto around 85 million devices worldwide, affecting 10 million users (with 1.6 million users in China, 1.3 million in India, and over 286,000 in the US). Once on a device, it can create fake clicks on Google Play applications to install even more malware. However, as with the most common viruses, the goal is not to cripple the host; Hummingbad wants to spread spam, be it real or just a click mirage. Aside from delivering spam, it also defrauds ad networks (the large companies that pay-per-click to place adverts in apps made by small app developers). Essentially, Hummingbad tricks these ad network companies into thinking someone has clicked on an advert and thus should pay out the fraction of a cent that is owed. Generate enough fake clicks, and it adds up. Hummingbad is believed to generate around 300,000 USD per month.   Which, of course, raises the question: who is taking that cash?
  Check Point lays the blame squarely at the feet of Yingmob, which it says is partly a legitimate advertising firm based in Beijing and partly made up of (possibly semi-autonomous) malware developers based in Chongqing, operating under the umbrella of the “Development Team for Overseas Platform”.
  Hummingbad reportedly wasn’t Yingmob’s first attempt. Other internet security research companies have pointed the finger at Yingmob for creating Yispecter, one of the first pieces of malware able to target non-jail-broken iOS phones in a sophisticated fashion. A jail-broken phone is one with a system that has been seriously altered by its user so the company can no longer guarantee the settings work.
  Yispecter’s modus operandi is a little different; it uses four mechanisms to infect phones, the most popular being via Kuaibo’s QVOD player, which it exploits to install malware. On a side note, the CEO of Kuaibo, Wang Xin, became an unlikely hero to horny Chinese netizens in January 2016 after being put on trial for spreading pornography due to his media player being all but synonymous with porn. He quixotically challenged the charges in court by boldly stating that Kuaibo was no guiltier than any search engine that has a lot of porn, i.e. all of them.
  It didn’t work.
  China fights back
  Now the number two spam-producing nation (behind the US), according to international spam-busting group Spamhaus, China has been significantly stepping up its ground game in dealing with spam in recent years. Whether or not it can combat the tide being unleashed by technological advances is an open question, but Chinese anti-spam bodies do have significant wins to their name.
  China has an Anti Spam Alliance which is run by the Internet Society of China (ISC). The ISC approach to dealing with spam is to target internet service providers (ISPs) that knowingly host spam. This, of course, can get a bit tricky, as it comes down to defining what is and isn’t spam.
  Before defining spam, they have to spot it. Li Jia, a representative from the ISC, told TWOC that much of this comes from reports from web users, but also international exchanges and “honey pots” where a web crawler has found an email address listed somewhere online and starts spamming it.
  Deciding whether or not something qualifies as spam depends just as much on delivery method as content. Unsolicited bulk emails or targeting emails from anonymous senders are common ways to classify spam, though content that is deemed pornographic or “counter-revolutionary” can also get it blacklisted.   Li pointed out that the situation is getting better. “With the enforcement of the real-name cell phone registration system, the mechanisms to manage text message spam are improving. Despite problems with false base-station text messages and spam messages on iPhones, the overall anti-spamming situation looks a lot better than a couple of years ago,” he said.
  “It is not efficient to just deal with email accounts of spammers, as it is so easy to spam from new accounts. Therefore, for email spam we usually blacklist the IP addresses of spammers,” he said. “China doesn’t have any official registration for IP addresses of mail servers, and thus lacks the regulation and management of undisciplined companies as potential spammers.”
  Of course, with different systems for identifying spam, some very curious discrepancies will emerge.
  Spamhaus, based in Germany, maintains a public list of ISPs that are repeat offenders, with many on their top ten being Chinese web addresses—the website of internet giant Tencent (responsible for making ubiquitous messenger app WeChat) clocks in at number five on the Spamhaus list, with DrPeng, a computer hardware retailer, coming in at number one. In fact, eight of their top ten spam-enabling IP addresses all either have a .cn or .hk address, or are recognizable Chinese companies. Spamhaus’s list, however, evaluates their spam abuse departments and their effectiveness, judging them on how well they responded to spam complaints, calling them “de-facto” spam havens, noting that the problem is that they take a “blind eye” to the spam they host, most likely due to the significant profits on offer. Thus, they are being judged on a lack of enforcement rather than creating the spam themselves.
  When Spamhaus examines the ISPs that allow the proliferation and coordination of malicious “botnet controllers” which can hijack computers, things look a bit different—a Vietnamese company tops the list, followed by an Indian one. The only obviously Chinese site clocks in at number three. In terms of identified spam operators—the identified people or companies directly responsible for spam—China has just six of the 111 entries, though this is likely in part due to increased difficulties spotting them. These entries include counterfeiters, as well as a Jiangsu-based spammer known as Chen Yu, who prior to 2014, was infamous for malevolent photo-retouching services that used dropboxes and discarded webmail addresses, and apparently managed to hijack several thousand IP addresses around the world. Spamhaus believes he later switched to a “snowshoe” method which is much like a hydra in that instead of one head it has many, in the form of multiple IP addresses to spread spam using a more diverse delivery network (and is thus harder to track).   Progress in combating spammers of such persistence is no doubt going to be difficult—after all, the problem is not just dedicated spammers like Chen Yu, but also difficulties in enforcement from some of the biggest companies in the country. Given the sheer clout that these companies have—in China, WeChat reaches into people’s lives in ways that even Facebook has not yet been able to replicate in the West—it seems unlikely that they are going to be penalized anytime soon for something as lowly as spam.
  Li points out that given the difficulties combating spam proliferation, much of the fight against spam is going to come down to internet users themselves instituting security measures and commonsense measures, such as avoiding writing email addresses on publicly accessible websites where bots can crawl them (or at least adding spaces).
  Following the money
  So who profits from spam? Short answer: loads of people. After all, it’s basically just low-cost advertising.
  With so many products desperate to get attention, spam is ubiquitous and seems here to stay. When Damon McCoy, a computer science professor at New York University, set out to investigate a spam trail, he found it led to some of China’s largest banks.
  His approach was to track 300 purchases of fake luxury products that had been advertised via spam. McCoy targeted fake goods specifically, because they are one of the few products internationally which can trigger a response from credit card companies, unlike complaints over spam.
  Around 97 percent of the transactions were handled by the Bank of China, Agricultural Bank of China and the Bank of Communications.
  Given the extreme concentration of banking in China within a few large state-owned behemoths, it is perhaps unsurprising that the vast majority of these purchases went through them—after all, they handle millions of transactions. But a report in the Technology Review highlighted one way in which this was of notable significance. Initially, many of his purchases had gone through the Korea Exchange Bank. Complaints from Visa resulted in that bank ceasing their operations with perpetrators.
  Despite the fact the Chinese banks have been mentioned in lawsuits launched by luxury brands and counterfeiting watchdogs, the banks did not cease conducting operations for these outfits. They did close down the accounts for counterfeiters, but failed to promptly shut down new accounts opened by the same people.   McCoy said that despite the fact the counterfeiters/spammers in China seemed able to open new accounts and continue operating, there was evidence to indicate that their sales were still being negatively impacted by this approach.
  Of course, it’s not just the banking side of things that is centralized. China’s internet giants have spread their influence into all sectors of the online market, including various ad agencies, ad providers, and advertising consultancies and analytics. Even smaller companies often spread their business across all these sectors, and there are few firewalls between them—for companies seeking advertising, this creates hidden conflicts of interest that they may not be aware of: is the company advising you shepherding you toward their own products? Is the company measuring your advertising success also the company doing the advertising for you?
  Throw in the opacity that surrounds much of the Chinese internet, and it can be very difficult to know who exactly is providing what services and what financial interests they may have.
  At its worst, dangerous “health” providers found ways to utilize search giant Baidu’s advertising services to provide a veneer of legitimacy which allegedly resulted in the death of a cancer patient because he opted for dodgy treatment—the incident sparked a public outcry which made Baidu reassess its advertising policies.
  Only time will tell whether approaches like McCoy’s or those used by ISC will work, but there are reasons to be optimistic—multiple internet security companies have indicated that as a percentage of total websites, dangerous websites that result in malware intrusions are decreasing each year. In the meantime, best just be careful about where you write your email address.
其他文献
Can Chinese museums and capitalism mix?  博物館该不该“下海”?  TheForbidden City: imposing, majestic, and most of all forbidden—unless you have the RMB for the entry fee. The extent to which the Palace Museum
期刊
How gentleness leads to peace  是不偏不倚,是胜败难分,是执掌天下,是返璞归真  It is my spirit that addresses your spirit; just as if both had passed through the grave and we stood at God’s feet, equal—as we are!” This decl
期刊
Text BY DAVID dawson  Photographs by Lindsay and Abram Sopenski  Starting a walk across China in the lush hills of Hainan  美国脚步丈量中国南北:第一站,海南!  Lindsay and Abram Sopenski have a goal which sounds decep
期刊
The politics of individualism in Chinese modern dance  現代舞在中国  The ninth annual Beijing Dance Festival, which took place this summer from July 14 to July 26, closed with choreographer Zhang Xuefeng’s
期刊
How to get through your next haircut  如何拒绝“办卡”,从发廊全身而退?  “Would you like to buy a membership card?”  “Y3o b3n zh`ng hu#yu1nk2 ma?”  “要办张会员卡吗?”  If you hear this infernal message more than three times
期刊
Language is delightfully, defi antly mutable. Like when your grandmother tells you about all the gay parties she used to attend as a teenager. You looked at her aghast, “Yes dear, we had tremendous fu
期刊
Zach Ireland’s journey to the TV screen   左右:我在中国当演员  American actor Zach Ireland, better known to Chinese audiences as Zuoyou (左右) has been performing in Chinese films, talk shows, and sitcoms in Chi
期刊
Chinese naming customs in the age of globalization  貽笑大方?办公室里乱飞的英语名字也是有存在的合理性的。  Almost the minute he arrived in Tokyo in September, 1897, Chinese revolutionary Sun Wen found himself in a bind. Having
期刊
Death’s End transforms physics into a nightmare hellscape of horror and loss. Also, there’s a love story.  面对宇宙的真相,一切都會逝去,只有死神永生  For a brief recap of the trilogy, Three-Body Problemasked, “Does human
期刊
How can a person disappear and seemingly become one dimensional? The subtle “Invisible Man” (隐形人 Y@nx!ngr9n) artworks of 40-year-old Liu Bolin (刘勃麟) reveal the secret. Liu quietly stands as a blank ca
期刊