Over 20K Chinese PCs infected with a new ransomware variant


Ransomware news is out that over 20,000 personal computers in China are infected by a new ransomware variant which encrypts files until a ransom of 110 Yuan or $16 is paid via WeChat’s payment service- available exclusively in China and its provinces.

As of now, sources say that the developers of the said malware are targeting Chinese web space and the chances of international users getting infected are zero. That’s because the ransomware developers are found using Chinese themed apps to distribute the ransomware via local sites and forums.

Cybersecurity Insiders has learned that the file locking malware is being spread through social media-themed apps- especially Tencent’s QQ Instant Messaging software service apps like “Account Operation V3.1” which helps users manage multiple QQ accounts- all developed by Chinese firm Shenzhen Tencent Computer Systems Co. LTD.

Security experts who were pressed into the service to analyze the ransomware say that the malware also installs an info-stealing component apart from locking files which help steal login credentials from various Chinese online services Baidu Cloud, NetEase, Alipay, Taobao, Tmall, Jingdong- the online retailer.

As law enforcement received many complaints on the incident, it has decided to appoint a special team to investigate and track down the hackers behind the cyber attack. Already, the WeChat payments which are found suspicious have been locked down and the hunt for their owners is going on strongly from the early hours of Wednesday.

Note 1- A report released by Chinese Cyber Security firm named Velvet Threat Intelligence says that over 2 million computer in China has so far been infected by ransomware strains in the first 9 months of the year.

Note 2- WeChat is a Chinese messaging platform in lines with WhatsApp where users can share text, videos, and images with their contacts. Developed by Tencent, the app recently introduced mobile payment services via its platform which will soon be followed by the Facebook-owned company. As per the stats provided by the company, they are over 1 billion monthly active users for the web services platform and is being widely used in it’s neighboring countries like Nepal and Bhutan. However, not all is bright with the platform as it is being marred by allegations such as it is being highly censored by the Chinese govt.

Naveen Goud is a writer at Cybersecurity Insiders covering topics such as Mergers & Acquisitions, Startups, Cyber Attacks, Cloud Security and Mobile Security

No posts to display