Has Malware Jumped Over China's Great Firewall?
OCT 11, 2015 6:00 PM EDT
By Adam Mintera
For years now, China's elaborate efforts to censor and control the Internet -- collectively known as the Great Firewall -- have restricted what the world's biggest population of Netizens can see and how fast they can download. Until now, that hasn't been much of a problem for anyone besides locals and companies such as Facebook and Google hoping to sell to them.
In recent weeks, however, Chinese-origin attacks on Apple's iOS and App Store have raised a discomfiting prospect: The closed-off Internet ecosystem China has created may be breeding malware that could affect the rest of us.
This is a different issue than Chinese hacking, which targets companies and governments for their technology and secrets. The most recent attack emerged on Oct. 4, when researchers at Palo Alto Networks revealed that a piece of malware they named YiSpecter was infecting iOS users primarily in China and Taiwan. Its creators had embedded the bad code in a porn video player that allows users to share videos privately using the cloud -- a popular device in China, where censors tend to crack down on publicly available porn sites.
An even more serious case came to light in mid-September, when investigators discovered thatthousands of Chinese-authored apps in Apple's App Store had been infected with malware, including WeChat, the world's second-most popular social media platform, and Didi Chuxing, China's most popular ride-sharing app. It was the first successful major attack on Apple's store.
Here, too, the Great Firewall had created the perfect environment for the infection to spread. Government filters slow download speeds so dramatically that it can take hours -- days, even -- for Chinese developers to download Apple's authorized toolkit for creating apps and other content for Apple devices. Fed up and impatient, many coders instead chose to use what they thought were Apple software development tools available on Chinese websites, only to discover later that they'd been infected. The malware then injected malicious code into otherwise innocent apps sold in the App Store.
The recent attacks are new only insofar as they've targeted Apple products, which had previously been celebrated for their security. Android's problems in China go back further. Its developer, Google, isn't licensed to offer its Play store in China, so a thriving industry of third-party app stores has blossomed. Their security measures, unsurprisingly, are relatively weak. Between 2012 and 2013, AV-Comparatives, a security software testing organization, found 7,175 infected apps in 20 major third-party app stores, most of which were Chinese.
Foreign companies operating on the mainland have long complained that the Great Firewall has hampered their ability to do business. In February, the European Chamber of Commerce in China issued a survey of 106 of its members, 86 percent of whom said that the inability to access Web sites had had a "negative effect" on their businesses. The U.S. Chamber of Commerce has reported similar complaints.
Now, though, the danger is that bad software and apps created in China will spread outward, undermining the credibility of once-secure services such as Apple's App Store. China stands to lose as much as anyone: Even the prospect of infection could reduce the global appeal of Chinese-designed apps. Virushuo, the online handle for an influential Chinese software and security blogger, has compared the danger to that posed by tainted food. "A good restaurant may not necessarily intend to poison its customers, but they also have a difficult time guaranteeing a reliable supplier of ingredients," he blogged in late September. (The post is now censored in China but available outside the country.)
China's huge population of Internet users offers software developers the advantage of a large-scale test audience before going global. WeChat, perhaps the world's most innovative and (recently) its most copied social networking service, is just one example. But if China wants to fulfill its ambitions of moving up the technological ladder, producing tools and apps with wider appeal, the regime faces a choice. It could remove a few bricks from the Great Firewall in order to create a healthier environment for developers to work. Or it can suffer increasing isolation, as the rest of the world shies away from Web-based products that carry the "made in China" label.
Special Bulletin - My just released book,
is now on sales at Amazon.comGreat Reasons for Purchasing Netiquette IQ
· Get more email opens. Improve 100% or more.
· Receive more responses, interviews, appointments, prospects and sales.
· Be better understood.
· Eliminate indecision.
· Avoid being spammed 100% or more.
· Have recipient finish reading your email content.
· Save time by reducing questions.
· Increase your level of clarity.
· Improve you time management with your email.
· Have quick access to a wealth of relevant email information.
Enjoy most of what you need for email in a single book.
=================================**Important note** - contact our company for very powerful solutions for IP
management (IPv4 and IPv6, security, firewall and APT solutions:
In addition to this blog, Netiquette IQ has a website with great assets which are being added to on a regular basis. I have authored the premiere book on Netiquette, “Netiquette IQ - A Comprehensive Guide to Improve, Enhance and Add Power to Your Email". My new book, “You’re Hired! Super Charge Your Email Skills in 60 Minutes. . . And Get That Job!” will be published soon follow by a trilogy of books on Netiquette for young people. You can view my profile, reviews of the book and content excerpts at:
In addition to this blog, I maintain a radio show on BlogtalkRadio online newsletter via paper.li.I have established Netiquette discussion groups with Linkedin and Yahooa member of the International Business Etiquette and Protocol Group and Minding Manners among others. I regularly consult for the Gerson Lehrman Group, a worldwide network of subject matter experts and I have been contributing to the blogs Everything Email and emailmonday . My work has appeared in numerous publications and I have presented to groups such as The Breakfast Club of NJ and PSG of Mercer County, NJ.
I am the president of Tabula Rosa Systems, a “best of breed” reseller of products for communications, email, network management software, security products and professional services. Also, I am the president of Netiquette IQ. We are currently developing an email IQ rating system, Netiquette IQ, which promotes the fundamentals outlined in my book.
Over the past twenty-five years, I have enjoyed a dynamic and successful career and have attained an extensive background in IT and electronic communications by selling and marketing within the information technology marketplace.Anyone who would like to review the book and have it posted on my blog or website, please contact me firstname.lastname@example.org.
If you have not already done so, please view the trailer for my book below.
"Never doubt that a small group of thoughtful, committed citizens can change the world; indeed, it's the only thing that ever has." - Margaret Mead