China Chopper
Threat Scorecard
Threat Level: 90% (High)
Infected Computers: 7
First Seen: August 15, 2013
Last Seen: December 18, 2021
OS(es) Affected: Windows
China Chopper is a dangerous malware infection that has proven effective at bypassing legitimate security programs. It is a Remote Access Trojan, or RAT, that allows criminals to carry out a large number of malicious tasks on the infected computer. To date, its main targets are Web servers, which may then be used to distribute other malware to visitors. China Chopper first appeared in November of 2012 and was part of an extensive espionage operation against high-profile targets. One of its surprising characteristics is its reduced size: only four kilobytes. Security researchers consider China Chopper extremely dangerous because it is not only devastating but also small, easy to customize and hard to detect, all of which are characteristics of the most dangerous types of malware attacks.
How China Chopper Evades Detection
One alarming aspect of China Chopper is its ability to bypass detection. It is overlooked by many widely used security programs, especially Web-based scanners. This is a significant gain for malware developers, since one of their main goals has always been to fool malware analysts and security program developers. China Chopper avoids detection in several ways: its code is heavily obfuscated and contains several characteristics meant to make it seem legitimate. Similarities have been observed between China Chopper and Tinba, a banking Trojan released in 2012 that was also considerably small (twenty kilobytes) and could also bypass most security programs.
The Extent of China Chopper's Attacks
Businesses and government institutions are prime targets for malware developers, especially when it comes to RATs such as China Chopper. These types of attacks try to take advantage of lowered response time due to the high volume of malware attacks being carried out today, attempting to inflict as much damage as possible in the shortest time. The main long-term consequence of attacks like China Chopper is intellectual property theft. The effects of intellectual property theft on the economy and world finance are not felt until many years later, which makes them hard to gauge and detect. China Chopper attacks are being used to steal sensitive intellectual property, account credentials and banking information.