Suspected North Korea Hackers are Targeting Chinese Government Websites for Crypto Ransom

Some cyber criminals have recently hacked Chinese government websites and encrypted files on their computers’ hard drive, demanding cryptocurrency ransom in return for the restoration of the encrypted data.

According to a notice released Mar.13 by the People’s Government of Yiling District, Yichang (located in western Hubei province, China), the cyber police detected that a group of overseas hackers has been attacking the government websites in China since March 11 via ransom emails whose subject line reads “You must report to the police at 3:00 pm on March 11!”.

1

Technical analysis indicates that the ransomware contains the latest version of the infamousGandcrab malware, which is one of the most prolific ransomware viruses worldwide that encrypts files on the compromised computer and demands a payment to decrypt them. The ransomware is hidden in the email attachment named “03-11-19.rar”, once a computer runs the GandcrabV5.2 malware, the files on its hard drive will be encrypted. Then the victim will be directed to download the Tor browser (an anonymity network) and pay ransom in cryptocurrency on Tor.

It remains yet to be known the scale of the attack, while as long as users do not open email attachments with unknown sources, they won’t be susceptible to ransomware attack. An anonymous government official said he has received a warning notice about the attack this morning, and he believes all government departments in the country have been warned about it. According to him, they often receive such warning notices about cyberattacks and will be told precautionary measures against them, but it is the first time they see hacking demanding cryptocurrency ransom.

It is notable that the ransomware email was sent from the sender in the name of “Min, Gap Ryong”. Though the hackers’ identity and the origin of the cyber-attack is not yet confirmed, the sender’s Korean name seems to allude to the notorious North Korean hackers.

Last week, cybersecurity firm McAfee found that a group of North Korean hackers, likely Lazarus Group, have been actively targeting U.S. businesses and “critical infrastructure”, as well as critical sectors in Germany, Turkey and the U.K. Crypto exchanges have also been victims of the hacking syndicate. The group is reportedly behind 5 hacks on crypto exchanges totaling $571 million hacked during the period from Jan 2017 to Sep 2018.

Since cryptocurrency gains great value together with mainstream exposure over the past few years, crypto ransomware attacks, from CryptoLocker to WannaCry and NotPetya, have been rampant. At its height in late 2013 and early 2014, over 500,000 machines were infected by CryptoLocker; In 2017, the WannaCry ransomware, spreading globally, were detected in more than 250,000 detections in 116 countries. Hackers lurking in the shadows are now posing threat to the government.

Block
Add Reply
Feedback |
大聖
1.0 BRB (≈ $ 0.5)
平静
1.0 BRB (≈ $ 0.5)
展开
Add Reply

Good morning         

Add Reply
展开

Thanksfor your sharing                   

Add Reply
展开

Come and support             

Add Reply
展开

Nice sharing       

Add Reply
展开

Good

Add Reply
展开

Support

Add Reply
展开

morning

Add Reply
展开

support

Add Reply
展开

Come and support

Add Reply
展开

Come and mining

Add Reply
展开

Thanks for your sharing.    

Add Reply
展开

morning

Add Reply
展开

support

Add Reply
展开

morning

Add Reply
展开

support

Add Reply
展开

Good morning.

Add Reply
展开

support~

Add Reply
展开

Happy Friday

Add Reply
展开

Come for support

Add Reply
展开

@Jping #2

Thanksfor your sharing

 thumbsup

Add Reply
展开

@平贝哥 #10

Come and mining

 v

Add Reply
展开

come and support

Add Reply
展开

mining support

Add Reply
展开

good share 

Add Reply
展开

Support you             

Add Reply
展开

Afternoon

Add Reply
展开

Nice

Add Reply
展开

Support you!          

Add Reply
展开

 mining          

Add Reply
展开
You should login to reply
You will reward to {{ username }}

Available Balance: {{balance}}

≈ $ {{usdtAmount.toFixed(2)}} (The reward commission rate is 10.0%)

New Favorite Bag

Add To Favorite You can create multiple favorites and classify the topics. Please select the favorites you want to add.
{{ favoriteBag.title }} {{ favoriteBag.favorites_count }}Topics

{{ text }} OK
fa-bars fa-arrow-up