
Chinese government receives ransomware emails; sender name resembles a Korean name

chepicap.com, 15 March 2019 04:05 UTC

A group of hackers has reportedly been targeting multiple Chinese government websites since March 11th.

The cyber police in the Yiling district, Yichang, found that emails entitled “You must report to the police at 3:00 pm on March 11!” contain Gandcrab malware, which is capable of encrypting files on infected computers.

According to the team’s technical analysis, the malware being sent is the latest version, Gandcrab v5.2, which the hackers hide in an email attachment named “03-11-19.rar”.

According to 8BTC, if an email recipient downloads the attachment, the Gandcrab malware will immediately encrypt all files on the infected computer’s hard drive. The victim will then be directed to download the Tor browser and make a payment in cryptocurrency through it to decrypt the files.

Moreover, the report stated that the email sender’s name is “Min, Gap Ryong”, which resembles a Korean name, although the authorities haven’t confirmed any information regarding the hackers’ identity and origin.

While the scale of the attack is still unknown, an anonymous government official said he had received a warning about the attack, which contained precautionary measures against it. He believes that all government departments in the country have received the same warning notices, which he hoped had prevented them from opening the attached file.

He added that it was the first time he had received a cryptocurrency ransom attack, although it was not his first experience receiving cyber-attack threats.
