Back to Blog

New Ransomware Spreading Rapidly in China Infected Over 100,000 PCs

December 5, 2018

By: Swati Khandelwal

A new piece of ransomware is spreading rapidly across China that has already infected more than 100,000 computers in the last four days as a result of a supply-chain attack… and the number of infected users is continuously increasing every hour.

What’s Interesting? Unlike almost every ransomware malware, the new virus doesn’t demand ransom payments in Bitcoin.

Instead, the attackers are asking victims to pay 110 yuan (nearly USD 16) in ransom through WeChat Pay—the payment feature offered by China’s most popular messaging app.

Ransomware + Password Stealer — Unlike WannaCry and NotPetya ransomware outbreaks that caused worldwide chaos last year, the new Chinese ransomware has been targeting only Chinese users.

It also includes an additional ability to steal users’ account passwords for Alipay, NetEase 163 email service, Baidu Cloud Disk, Jingdong (JD.com), Taobao, Tmall , AliWangWang, and QQ websites.

A Supply Chain Attack — According to Chinese cybersecurity and anti-virus firm Velvet Security, attackers added malicious code into the “EasyLanguage” programming software used by a large number of application developers.

The maliciously modified programming software was designed to inject ransomware code into every application and software product compiled through it—another example of a software supply-chain attack to spread the virus rapidly.

More:  https://thehackernews.com/2018/12/china-ransomware-wechat.html

 

Contact us

Safety is essential to your decision making. We are sure that our team can clarify any doubts. After all, we understand security.

contact@sikur.com

Follow us

Try SIKUR





Contact Us
First Name*
Last Name*
E-mail*
Mobile Number*
Company*
Country*
Tell us what do you need* ?
Products: Hold CTRL+Click to add more than 1.* ?
Comments
I agree to the Privacy Policy and Terms of Service.