{"id":59935,"date":"2018-12-07T16:28:52","date_gmt":"2018-12-07T22:28:52","guid":{"rendered":"https:\/\/www.pcmatic.com\/blog\/?p=59935"},"modified":"2018-12-10T12:59:50","modified_gmt":"2018-12-10T18:59:50","slug":"ransomware-china-attack","status":"publish","type":"post","link":"https:\/\/www.pcmatic.com\/blog\/ransomware-china-attack\/","title":{"rendered":"Ransomware Takes Over China, Infecting 100k PCs"},"content":{"rendered":"<p>Update 12\/10\/2018 &#8211; Authorities have a <a href=\"https:\/\/news.cgtn.com\/news\/3d3d414e3567544d31457a6333566d54\/share_p.html\">suspect in custody<\/a>.\u00a0 The Chinese police were able to track the suspect down due to the personal information used to create the WeChat app to collect the ransom demands.<\/p>\n<h3>New Ransomware Attack Targets Chinese Users<\/h3>\n<p>A new ransomware variant has infected 100,000 Windows PCs in China by encryption the user&#8217;s files, then demands 110 yuan ($16 USD) ransom.\u00a0\u00a0In addition to the encryption of files, the ransomware also includes an information-stealing component that obtained user credentials for several Chinese online services.<\/p>\n<p>Thus far, the attack has not gone global, as the hackers have limited their demographic in a few different ways.\u00a0 First, the hackers are distributing the malware through Chinese-themed apps.\u00a0 \u00a0Second, they are only receiving ransom payments through a Chinese payment app, WeChat.\u00a0\u00a0Unless the ransomware creators used fake IDs to create their WeChat profiles, it is believed authorities will be able to track the cyber criminals down.<\/p>\n<h4>Lack of Sophistication<\/h4>\n<p>Local Chinese cyber security firms claim the ransomware can be decrypted without paying the ransom\u00a0because the encryption key is hardcoded in the source code.\u00a0 Some of these cyber security firms have started working on free decrypting tools.\u00a0\u00a0It is their hope to release them to the public in the coming days.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Update 12\/10\/2018 &#8211; Authorities have a suspect in custody.\u00a0 The Chinese police were able to track the suspect down due to the personal information used to create the WeChat app to collect the ransom demands. New Ransomware Attack Targets Chinese Users A new ransomware variant has infected 100,000 Windows PCs in China by encryption the [&hellip;]<\/p>\n","protected":false},"author":54,"featured_media":55153,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"site-sidebar-layout":"default","site-content-layout":"","ast-site-content-layout":"default","site-content-style":"default","site-sidebar-style":"default","ast-global-header-display":"","ast-banner-title-visibility":"","ast-main-header-display":"","ast-hfb-above-header-display":"","ast-hfb-below-header-display":"","ast-hfb-mobile-header-display":"","site-post-title":"","ast-breadcrumbs-content":"","ast-featured-img":"","footer-sml-layout":"","theme-transparent-header-meta":"","adv-header-id-meta":"","stick-header-meta":"","header-above-stick-meta":"","header-main-stick-meta":"","header-below-stick-meta":"","astra-migrate-meta-layouts":"default","ast-page-background-enabled":"default","ast-page-background-meta":{"desktop":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"ast-content-background-meta":{"desktop":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"footnotes":""},"categories":[7,4949,5000],"tags":[5591,4363],"class_list":["post-59935","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-newsletter","category-ransomware","category-ransomwarewar","tag-china","tag-ransomware"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.3 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Ransomware Takes Over China, Infecting 100k PCs<\/title>\n<meta name=\"description\" content=\"A new ransomware variant has been targeting Windows PCs in China, infecting over 100,000 computers to date...\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.pcmatic.com\/blog\/ransomware-china-attack\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Ransomware Takes Over China, Infecting 100k PCs\" \/>\n<meta property=\"og:description\" content=\"A new ransomware variant has been targeting Windows PCs in China, infecting over 100,000 computers to date...\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.pcmatic.com\/blog\/ransomware-china-attack\/\" \/>\n<meta property=\"og:site_name\" content=\"PC Matic Blog\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/pcmatic\" \/>\n<meta property=\"article:published_time\" content=\"2018-12-07T22:28:52+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2018-12-10T18:59:50+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.pcmatic.com\/blog\/wp-content\/uploads\/lockBG-blue.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"730\" \/>\n\t<meta property=\"og:image:height\" content=\"410\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Kayla Elliott\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@pcmatic\" \/>\n<meta name=\"twitter:site\" content=\"@pcmatic\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Kayla Elliott\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"1 minute\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.pcmatic.com\\\/blog\\\/ransomware-china-attack\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.pcmatic.com\\\/blog\\\/ransomware-china-attack\\\/\"},\"author\":{\"name\":\"Kayla Elliott\",\"@id\":\"https:\\\/\\\/www.pcmatic.com\\\/blog\\\/#\\\/schema\\\/person\\\/d4a11f480158af9f8090d8d90e0de8db\"},\"headline\":\"Ransomware Takes Over China, Infecting 100k PCs\",\"datePublished\":\"2018-12-07T22:28:52+00:00\",\"dateModified\":\"2018-12-10T18:59:50+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.pcmatic.com\\\/blog\\\/ransomware-china-attack\\\/\"},\"wordCount\":214,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\\\/\\\/www.pcmatic.com\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.pcmatic.com\\\/blog\\\/ransomware-china-attack\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.pcmatic.com\\\/blog\\\/wp-content\\\/uploads\\\/lockBG-blue.jpg\",\"keywords\":[\"China\",\"ransomware\"],\"articleSection\":[\"Newsletter\",\"Ransomware\",\"RansomwareWar\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/www.pcmatic.com\\\/blog\\\/ransomware-china-attack\\\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.pcmatic.com\\\/blog\\\/ransomware-china-attack\\\/\",\"url\":\"https:\\\/\\\/www.pcmatic.com\\\/blog\\\/ransomware-china-attack\\\/\",\"name\":\"Ransomware Takes Over China, Infecting 100k PCs\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.pcmatic.com\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.pcmatic.com\\\/blog\\\/ransomware-china-attack\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.pcmatic.com\\\/blog\\\/ransomware-china-attack\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.pcmatic.com\\\/blog\\\/wp-content\\\/uploads\\\/lockBG-blue.jpg\",\"datePublished\":\"2018-12-07T22:28:52+00:00\",\"dateModified\":\"2018-12-10T18:59:50+00:00\",\"description\":\"A new ransomware variant has been targeting Windows PCs in China, infecting over 100,000 computers to date...\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.pcmatic.com\\\/blog\\\/ransomware-china-attack\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.pcmatic.com\\\/blog\\\/ransomware-china-attack\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.pcmatic.com\\\/blog\\\/ransomware-china-attack\\\/#primaryimage\",\"url\":\"https:\\\/\\\/www.pcmatic.com\\\/blog\\\/wp-content\\\/uploads\\\/lockBG-blue.jpg\",\"contentUrl\":\"https:\\\/\\\/www.pcmatic.com\\\/blog\\\/wp-content\\\/uploads\\\/lockBG-blue.jpg\",\"width\":730,\"height\":410},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.pcmatic.com\\\/blog\\\/ransomware-china-attack\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.pcmatic.com\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Ransomware Takes Over China, Infecting 100k PCs\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.pcmatic.com\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/www.pcmatic.com\\\/blog\\\/\",\"name\":\"PC Matic Blog\",\"description\":\"Tech Tips and Tricks\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.pcmatic.com\\\/blog\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.pcmatic.com\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.pcmatic.com\\\/blog\\\/#organization\",\"name\":\"PC Matic - Top Antivirus Company in the USA.\",\"url\":\"https:\\\/\\\/www.pcmatic.com\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.pcmatic.com\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/techtalk.pcmatic.com\\\/wp-content\\\/uploads\\\/PC-MaticLogo-e1472689639222.png\",\"contentUrl\":\"https:\\\/\\\/techtalk.pcmatic.com\\\/wp-content\\\/uploads\\\/PC-MaticLogo-e1472689639222.png\",\"width\":1535,\"height\":483,\"caption\":\"PC Matic - Top Antivirus Company in the USA.\"},\"image\":{\"@id\":\"https:\\\/\\\/www.pcmatic.com\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/www.facebook.com\\\/pcmatic\",\"https:\\\/\\\/x.com\\\/pcmatic\",\"https:\\\/\\\/www.instagram.com\\\/pcmaticusa\\\/\",\"https:\\\/\\\/www.linkedin.com\\\/company\\\/pcmatic\",\"https:\\\/\\\/www.youtube.com\\\/c\\\/PCMaticVideo\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.pcmatic.com\\\/blog\\\/#\\\/schema\\\/person\\\/d4a11f480158af9f8090d8d90e0de8db\",\"name\":\"Kayla Elliott\",\"url\":\"https:\\\/\\\/www.pcmatic.com\\\/blog\\\/author\\\/kayla\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Ransomware Takes Over China, Infecting 100k PCs","description":"A new ransomware variant has been targeting Windows PCs in China, infecting over 100,000 computers to date...","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.pcmatic.com\/blog\/ransomware-china-attack\/","og_locale":"en_US","og_type":"article","og_title":"Ransomware Takes Over China, Infecting 100k PCs","og_description":"A new ransomware variant has been targeting Windows PCs in China, infecting over 100,000 computers to date...","og_url":"https:\/\/www.pcmatic.com\/blog\/ransomware-china-attack\/","og_site_name":"PC Matic Blog","article_publisher":"https:\/\/www.facebook.com\/pcmatic","article_published_time":"2018-12-07T22:28:52+00:00","article_modified_time":"2018-12-10T18:59:50+00:00","og_image":[{"width":730,"height":410,"url":"https:\/\/www.pcmatic.com\/blog\/wp-content\/uploads\/lockBG-blue.jpg","type":"image\/jpeg"}],"author":"Kayla Elliott","twitter_card":"summary_large_image","twitter_creator":"@pcmatic","twitter_site":"@pcmatic","twitter_misc":{"Written by":"Kayla Elliott","Est. reading time":"1 minute"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.pcmatic.com\/blog\/ransomware-china-attack\/#article","isPartOf":{"@id":"https:\/\/www.pcmatic.com\/blog\/ransomware-china-attack\/"},"author":{"name":"Kayla Elliott","@id":"https:\/\/www.pcmatic.com\/blog\/#\/schema\/person\/d4a11f480158af9f8090d8d90e0de8db"},"headline":"Ransomware Takes Over China, Infecting 100k PCs","datePublished":"2018-12-07T22:28:52+00:00","dateModified":"2018-12-10T18:59:50+00:00","mainEntityOfPage":{"@id":"https:\/\/www.pcmatic.com\/blog\/ransomware-china-attack\/"},"wordCount":214,"commentCount":0,"publisher":{"@id":"https:\/\/www.pcmatic.com\/blog\/#organization"},"image":{"@id":"https:\/\/www.pcmatic.com\/blog\/ransomware-china-attack\/#primaryimage"},"thumbnailUrl":"https:\/\/www.pcmatic.com\/blog\/wp-content\/uploads\/lockBG-blue.jpg","keywords":["China","ransomware"],"articleSection":["Newsletter","Ransomware","RansomwareWar"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/www.pcmatic.com\/blog\/ransomware-china-attack\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/www.pcmatic.com\/blog\/ransomware-china-attack\/","url":"https:\/\/www.pcmatic.com\/blog\/ransomware-china-attack\/","name":"Ransomware Takes Over China, Infecting 100k PCs","isPartOf":{"@id":"https:\/\/www.pcmatic.com\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.pcmatic.com\/blog\/ransomware-china-attack\/#primaryimage"},"image":{"@id":"https:\/\/www.pcmatic.com\/blog\/ransomware-china-attack\/#primaryimage"},"thumbnailUrl":"https:\/\/www.pcmatic.com\/blog\/wp-content\/uploads\/lockBG-blue.jpg","datePublished":"2018-12-07T22:28:52+00:00","dateModified":"2018-12-10T18:59:50+00:00","description":"A new ransomware variant has been targeting Windows PCs in China, infecting over 100,000 computers to date...","breadcrumb":{"@id":"https:\/\/www.pcmatic.com\/blog\/ransomware-china-attack\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.pcmatic.com\/blog\/ransomware-china-attack\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.pcmatic.com\/blog\/ransomware-china-attack\/#primaryimage","url":"https:\/\/www.pcmatic.com\/blog\/wp-content\/uploads\/lockBG-blue.jpg","contentUrl":"https:\/\/www.pcmatic.com\/blog\/wp-content\/uploads\/lockBG-blue.jpg","width":730,"height":410},{"@type":"BreadcrumbList","@id":"https:\/\/www.pcmatic.com\/blog\/ransomware-china-attack\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.pcmatic.com\/blog\/"},{"@type":"ListItem","position":2,"name":"Ransomware Takes Over China, Infecting 100k PCs"}]},{"@type":"WebSite","@id":"https:\/\/www.pcmatic.com\/blog\/#website","url":"https:\/\/www.pcmatic.com\/blog\/","name":"PC Matic Blog","description":"Tech Tips and Tricks","publisher":{"@id":"https:\/\/www.pcmatic.com\/blog\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.pcmatic.com\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.pcmatic.com\/blog\/#organization","name":"PC Matic - Top Antivirus Company in the USA.","url":"https:\/\/www.pcmatic.com\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.pcmatic.com\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/techtalk.pcmatic.com\/wp-content\/uploads\/PC-MaticLogo-e1472689639222.png","contentUrl":"https:\/\/techtalk.pcmatic.com\/wp-content\/uploads\/PC-MaticLogo-e1472689639222.png","width":1535,"height":483,"caption":"PC Matic - Top Antivirus Company in the USA."},"image":{"@id":"https:\/\/www.pcmatic.com\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/pcmatic","https:\/\/x.com\/pcmatic","https:\/\/www.instagram.com\/pcmaticusa\/","https:\/\/www.linkedin.com\/company\/pcmatic","https:\/\/www.youtube.com\/c\/PCMaticVideo"]},{"@type":"Person","@id":"https:\/\/www.pcmatic.com\/blog\/#\/schema\/person\/d4a11f480158af9f8090d8d90e0de8db","name":"Kayla Elliott","url":"https:\/\/www.pcmatic.com\/blog\/author\/kayla\/"}]}},"_links":{"self":[{"href":"https:\/\/www.pcmatic.com\/blog\/wp-json\/wp\/v2\/posts\/59935","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.pcmatic.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.pcmatic.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.pcmatic.com\/blog\/wp-json\/wp\/v2\/users\/54"}],"replies":[{"embeddable":true,"href":"https:\/\/www.pcmatic.com\/blog\/wp-json\/wp\/v2\/comments?post=59935"}],"version-history":[{"count":0,"href":"https:\/\/www.pcmatic.com\/blog\/wp-json\/wp\/v2\/posts\/59935\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.pcmatic.com\/blog\/wp-json\/wp\/v2\/media\/55153"}],"wp:attachment":[{"href":"https:\/\/www.pcmatic.com\/blog\/wp-json\/wp\/v2\/media?parent=59935"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.pcmatic.com\/blog\/wp-json\/wp\/v2\/categories?post=59935"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.pcmatic.com\/blog\/wp-json\/wp\/v2\/tags?post=59935"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}