[ Dec 06, 2018 ]
A new piece of ransomware is spreading rapidly across China. It has already infected more than 100,000 computers in the last four days as a result of a supply-chain attack, and the number of infected users is continuously increasing every hour.
Unlike almost every other ransomware strain, the new virus doesn’t demand ransom payments in Bitcoin.
Instead, the attackers are asking victims to pay 110 yuan (nearly USD 16) in ransom through WeChat Pay—the payment feature offered by China’s most popular messaging app.
Ransomware + Password Stealer — Unlike WannaCry and NotPetya ransomware outbreaks that caused worldwide chaos last year, the new Chinese ransomware has been targeting only Chinese users.
It also includes an additional ability to steal users’ account passwords for Alipay, NetEase 163 email service, Baidu Cloud Disk, Jingdong (JD.com), Taobao, Tmall, AliWangWang, and QQ websites.
Cyber Security Tips:
The Velvet security team created and released a free ransomware decryption tool that can easily unlock encrypted files for victims without requiring them to pay any ransom.
Researchers also managed to crack and access attackers’ command-and-control and MySQL database servers, and found thousands of stolen credentials stored on them.