- A new ransomware attack affected users being contacted for payments via WeChat Pay.
- Over 20,000 computers have been affected by the unnamed ransomware.
- The attackers are asking for $16 (110 yuan) from the victims.
While ransomware attacks have gone down in number over the years, a newly discovered ransomware has affected over 20,000 computers in China. Users who are affected have been contacted by the attackers and have been requested to pay 100 yuan over WeChat Pay, which amounts to approximately $16. The attackers took over the Alipay accounts of affected users and had demanded the ransom for their release.
While the amount is not a lot compared to other recent attacks across the world, the reaction of the victims is quite amusing. A number of users are not even worried. Some of the users simply replied that they have no money in their Alipay accounts and they do not care if their accounts were compromised. Others abruptly asked the attackers if they want to repay the victims’ Huabei credit card bills. Some of the users even pointed out that they should be asking for Bitcoin instead of WeChat Pay payments.
Alipay accounts are insured at just $2 per year and users can simply request Alibaba to restore their accounts, making the entire ransomware attack pointless. WeChat Pay is one of the most used digital wallets in China, and the attackers surprisingly requested payments using the platform instead of choosing a more secure platform. It may indicate that the attackers are simply amateurs, especially considering how low of a ransom they are asking for.
The ransomware itself encrypts data on affected devices and steals passwords for accounts like Taobao, JD, Baidu Cloud, Alipay and more. A number of email services and message delivery platforms were also affected by it. Unlike other incidents that cause mass panic amongst users, the affected users from China don’t seem to be bothered by the messages sent via WeChat. Investigations are currently ongoing, and we are yet to find out more details about the attack.