Unique China-based Ransomware Ditches Crypto for WeChat Payment

kuhnertdm

Source

 

A new form of ransomware has infected over 100,000 PCs in China over the last few days. However, instead of doing what most ransomware does and demand payment in the form of Bitcoin or other cryptocurrencies, this one demands payment over the Chinese social media platform WeChat. This typically would be a bad choice on the ransomware developer's side, as WeChat is a lot more traceable than Bitcoin is. In addition, it seems the software itself had some info embedded in it that could lead investigators to the person accepting payment:

 

Quote

Experts from Huorong examining this ransomware string found some details that could lead to identifying and apprehending the malware author.

They discovered a name, a mobile phone number, a QQ account, and an email address that could help police catch the crook. Using the info present in the malware code, the researchers ran a domain lookup and found additional details that connected the dots and possibly leading to the identification of the author.

Because this was so poorly executed and easily traceable, some are speculating that this may either all be pointing to some random account (so the developer doesn't get paid; they were only doing it to cause havoc), or to the account of someone they want to frame. The account has already been closed.

The most obvious reason to me for not using BitCoin (or other crypto) is that the Chinese have banned all cryptocurrency-related stuff (officially anyways) a while ago. So if they ask for BitCoin, they'd have to sell/exchange overseas, which makes it as traceable as WeChat pay. WeChat pay could be set up quite easily without putting any personal info at risk. Afaik, there are still ways to get a sim card without showing an ID card (officially, China requires all sim sellers to ask for an ID card when selling sims). With the phone number, ppl can register WeChat pay easily and use money entered into the account to buy stuff in shops. I've seen jewelry stores (as in stores that sell gold jewelry and whatnot) accepting WeChat pay, so spending the money and then reselling the product to cleanse the money isn't as hard as you think.

Considering it's WeChat I'm pretty sure they will find the offender pretty quickly.

Also, fun fact: Chinese anti-viruses suck.
