Chinese Government Officials Targeted With Ransomware, North Korea Suspected

A statement issued by the People’s Government of Yiling District, Yichang has revealed that Chinese officials have been the target of a ransomware email attack in recent days.

Also Read: Late Quadrigacx CEO Used Personal Funds to Fulfill Withdrawals

Chinese Government Officials Face Ransomware Attack

A statement issued by a Chinese provincial government website has announced that the National Network and Information Security Information Center has identified overseas hackers targeting the websites of government departments with emails containing ransomware.

The ransomware was delivered via an email containing the subject line: “You must report to the police at 3:00 pm on March 11!” The emails contain version 5.2 of the Gandcrab malware, which is concealed in an attachment named “03-11-19.rar.”

After running, Gandcrab encrypts the hard disk data of the victim, prompting them to download the Tor browser. The Tor browser then “logs into the attacker’s digital currency payment window and asks the victim to pay the ransom.”

The document states that the attacks have been taking place since March 11. The scale of the attack is not currently known, however a number of hard drives belonging to government officials have been infected.

Hackers Suspected to Have North Korean Affiliation