Ransomware Attack Affects Chinese Government Officials; Is North Korea Behind?
Chinese officials have been targeted by a ransomware email attack a few days ago. There are some reports that are linking the attacks to North Korea. The information was released by a Chinese provincial government a few days ago.
Is North Korea Attacking China?
According to the report released by the People’s Government of Yiling District, Yichang, the National Network and Information Security Center has identified hackers from other countries targetting government-related emails. These emails contained ransomware. The line of the email read: “You must report to the police at 3:00 pm on March 11!.” These emails included the Gandcrab malware.
Users that run the Gandcrab file, it encrypts the hard disk data of the victim and pushes them to download the Tor browser. In this way, the attacker logs into the attackers crypto payment window. Users have to pay a ransom to unlock the computer.
As per the report, several hard drives related to government officials have already been infected. However, there is no specific information about it. Now, all government departments in the country have been warned about this ransomware attack.
This is not the first time that there is a ransomware attack in the cryptocurrency space. Indeed, many individuals and firms have been attacked in the past. Experts recommend users not to pay the ransom and prevent being attacked by not opening emails that include files attached by unknown individuals.
Back in 2018, several reports spread related to North Korean hackers trying to stealing virtual currencies from individual investors. This was a decision taken by the government in Pyongyang to reduce the impact of international sanctions, according to the South China Mining Post.
There are many other attacks that have been performed by hackers to steal users’ cryptocurrencies.