A ransomware that encrypts personal files and then demands 110 yuan (~$16) in ransom has affected over 100,000 Windows PC in China.
The hackers are distributing rigged apps, disguised as social media apps, on different forums and local websites to infect the users. Many reports claim that one of such app goes by the name “Account Operation V3.1” — a Chinese app that help users manage multiple QQ accounts (a popular Chinese instant messaging service).
It is said that EasyLanguage, an SDK shared by all the infected apps, might have been compromised. Thus, making it easy for hackers to inject ransomware malicious code in all of them.
Security experts believe that ransomware is also targeting the login credentials of several Chinese services like Alipay (digital wallet), NetEase 163 (email service), Tencent QQ (instant messaging), Jingdong (online shopping platforms) and many more.
Victims have already informed the local authorities who are now looking into the matter. Hackers are using WeChat payment service for the ransom. Many Chinese people claim that authorities can track the WeChat payments
People effected by the ransomware told it wouldn’t be difficult for authorities to catch the culprits. Chinese authorities are much regarded for their swift actions in nabbing unethical hackers.
As of now, there are no reports of the ransomware stain attacking other countries. Since the WeChat service is exclusively available for Chinese users, most likely, the attack is focused on Chinese users only.