It is a hijacking program or ransomware & # 39; that encrypts files with the exception of .gif, .exe and .tmp extensions and obtains the credentials of different user accounts to request money in return.
More than 100,000 personal computers were hit in China in just 4 days by a malicious program through WeChat, reported 2SpyWare last Wednesday. According to experts, mass infection began on December 1. It is a hijacking program or ransomware & # 39; which encodes the files, with the exception of .gif, .exe and .tmp extensions and obtains credentials from different accounts. of the user to ask for money in return.
Their goals are exclusively Chinese netizens and steal passwords from popular applications in the country such as Alipay, NetEase, Baidu Cloud Disk, Jingdong, Taobao, Tmall, QQ and AliWangWang. All collected information is stored on a remote server controlled by attackers. Besides all this, the virus adds a malicious "script" to the EasyLanguage program, which most developers use to create their applications. As a result, they can directly expand malware code & # 39; in each application. It is not a malicious program to use, because instead of asking for the bitcoins rescue amount, it urges to pay $ 16 (110 yuan) with the WeChat Pay function, the Chinese security company Velvet Security reported Tuesday. Virus vulnerabilities have already been found, which allowed Chinese cybersecurity experts to access the control and command (C & C) server for attacks and develop a tool to help victims recover their data. It was also possible to identify the creator of the & # 39; ransomware & # 39; -Luo & # 39; – and your personal information was sent to the authorities to continue the investigation. Leave a comment