New Ransomware Strain Hits the Chinese Web; Infects 100K PCs

More than 100,000 Chinese users have had their Windows PCs
infected with yet another strain of ransomware that encodes their records and
files all the while requesting a 110 yuan (~$16) ransom. The inadequately
composed ransomware is known to have been scrambling local documents and taking
credentials for various Chinese online services.
As of now there has been no threat made to international
users as the ransomware is only determined to focusing on the Chinese web only.
The individual or the group behind the activity are only
utilizing Chinese-themed applications to appropriate the ransomware by means of
local sites and discussions at the same time asking for ransom payments through
the WeChat payment service, just accessible in China and the contiguous areas.
A report from Chinese security firm Huorong, the malware,
named ‘WeChat Ransom’ in a few reports, came into existence on December 1 and
the quantity of infected systems has developed to more than 100,000 as of
December 4.
Security specialists who analysed the attack said that other
than encoding records, the ransomware additionally incorporated an
information-stealing component that collected login credentials for a few
Chinese online services, like Alipay, Baidu Cloud, NetEase 163, Tencent QQ, and
Taobao, Tmall, and Jingdong.
Chinese security organizations examining the malware concur
that it is a long way from a complex risk that can be effortlessly defeated.
Although it professes to delete the decryption key if the victim neglects to
pay the ransom by a specific date, document recuperation is as yet conceivable
in light of the fact that the key is hardcoded in the malware.
Specialists from Huorong examining this ransomware string
have found a name, a cell phone number, a QQ account, and an email address that
could enable police to identify and catch the thief.
This most recent ransomware campaign anyway is additionally
not the first occasion when those Chinese-based ransomware creators have
utilized WeChat as a ransom payment dealing strategy. The ones who committed
this deadly error in the past have been captured by the officials within
The Chinese police, in general, have a decent reputation of
capturing the hackers within weeks or months after a specific malware crusade
stands out as truly newsworthy.

Don't forget to share

You may also like...

Leave a Reply

Your email address will not be published.