1 min read

Chinese government falls victim to GandCrab 5.2 ransomware

Filip TRUȚĂ

March 15, 2019

Promo Protect all your devices, without slowing them down.
Free 30-day trial
Chinese government falls victim to GandCrab 5.2 ransomware

Allegations that China is in the crosshairs of North Korean hackers have arisen after the discovery of ransomware-laden emails hitting the inboxes of government departments. The emails contain version 5.2 of the GandCrab ransomware concealed as an archive named “03-11-19.rar.”

China”s National Network and Information Security Information Center has informed the country”s provincial government that hackers are targeting the websites of government departments with emails containing ransomware. Going by a sender name in one of the emails (Min, Gap Ryong), Chinese officials reportedly speculate that the operators are of North Korean origin.

According to the statement, the attacks have been ongoing since March 11. Victims report being directed to download the Tor browser, which then logs into the attacker”s digital currency payment window. The ransom sum is not disclosed in the statement.

Chinese officials have yet to reveal the scope of the attack or assess the damage. What the notice does say, however, is that all units are required to conduct risk warnings, investigate, and report any future attacks. Other instructions are provided as well, such as: install antivirus software; disable automatic functions for USB ports; upgrade OS and install security updates; disconnect infected hosts or servers to prevent the spread of the malware.

GandCrab 5.2 is the latest version of the infamous ransomware family. No decryptors are currently available for this version of GandCrab.

tags


Author


Filip TRUȚĂ

Filip has 15 years of experience in technology journalism. In recent years, he has turned his focus to cybersecurity in his role as Information Security Analyst at Bitdefender.

View all posts

You might also like

Bookmarks


loader