News | 12/12/2018

New Ransomware Infects Over 100,000 Windows Users in China



100,000 Chinese Windows Users Infected With Ransomware

Over 100,000 Chinese Windows PC users have been infected with a new strain of ransomware that was promoted via Chinese-themed apps from local sites and unsecured forums. It encrypts their files and demands a 110 yuan (~$16) ransom.

The ransomware exclusively targeted the Chinese internet space, hijacked Windows users and demanded ransom payment via the WeChat payment service. The attackers demand almost $16, which is equal to 110 yuan in Chinese currency.

The attacks are mainly confined to China and its adjacent regions; experts have not yet identified any international security breach or threat.

The group behind this cyber threat uses Chinese-themed apps, forcing users to download them from local unsecured websites and forums.

Reports on Multiple Cyber Attacks

According to multiple cyber news reports, the ransomware hits Windows users after they install social media-themed apps, most often an app named Account Operation V3.1. This app claims to help users manage multiple QQ accounts, while at the same time compromising other applications on the computer.

The ransomware then injects malicious code inside other apps. Besides encrypting files, the threat also steals information and harvests login IDs for various Chinese online services.

A few of the targeted Chinese online services are Alipay, Tencent QQ, NetEase, Baidu Cloud, Taobao, Jingdong shopping platform and Tmall.

Formal complaints have been filed with local law enforcement bodies, but at this moment it is still unclear whether authorities have identified the culprit behind this sudden ransomware outbreak.


The ransomware authors used fake IDs for their WeChat payment-handling profiles. It is a widely known fact that Chinese authorities have the required skills and capabilities to track down the criminals, but the results are as yet unknown.

This latest ransomware campaign is not the first Chinese-based ransomware attack to have used WeChat as a ransom payment handling method.

Previous attacks from Chinese hackers on Alaska and government groups have shown that China has the potential to lead cyber attacks in cyber warfare on any part of the world.

However, Chinese police have a good track record of arresting cyberattackers and hackers. For example, the police took only a month to track down and arrest the people who were selling data of hotel guests on the Dark Web after the outbreak of Fireball adware.


Story Of Chinese Online Services After Attack

As far as the recent ransomware campaign is concerned, local Chinese cyber-security firms claim that file decryption is possible without paying the ransom. The plan is also to make decryption keys freely available in the coming days.

When users' Alipay accounts were hacked, most users responded to the ransom demand by telling the attackers that they had no money in their accounts. Additionally, they did not care if their accounts were hacked and compromised.

Alipay account holders were insured at $2 per year, and the entire ransomware attack appears to be pointless. WeChat Pay is one of the widely used digital wallets in China, and the attackers surprisingly hacked the most secure platform.



The ransomware encrypts data on the affected devices and steals passwords; it also affects email services and message delivery platforms.

Unlike in other incidents, and although this one caused panic amongst Windows users, China doesn’t seem to be bothered, as investigations are currently ongoing, and we hope the attackers will soon be caught.


Tips to Prevent Viruses and Malware from Infecting Your System:
  1. Enable your popup blocker: Pop-ups and ads on websites are the tactic most often adopted by cybercriminals or developers whose core intention is to spread malicious programs.
    So, avoid clicking on uncertain sites, software offers, pop-ups etc., and install a powerful ad blocker for Chrome, Mozilla, and IE.
  2. Keep your Windows updated: To avoid such infections, we recommend that you always keep your system updated through automatic Windows Update. By doing this you can keep your device free from viruses. According to the survey, outdated/older versions of the Windows operating system are an easy target.
  3. Third-party installation: Try to avoid freeware download websites, as they usually bundle additional software with any installer or stub file.
  4. Regular backup: Regular and periodic backups help you keep your data safe in case the system is infected by any kind of virus or any other infection. Thus, always back up important files regularly to a cloud drive or an external hard drive.
  5. Always have an anti-virus: Precaution is better than cure. We recommend that you install an antivirus like ITL Total Security or a good malware removal tool.
