Watch out for the “blackmail virus” again. This time you don’t have bitcoins, but Alipay and WeChat

Recently, a number of network security agencies confirmed that a new extortion virus that requires WeChat to pay for ransom has emerged in China. After the virus invades the user’s computer, it will encrypt user files, but it does not charge bitcoins. Instead, it requires the victim to scan the WeChat two-dimensional code that pops up to pay the ransom and obtain the decryption key.

The extortion virus is stealing QQ, Alipay and other ciphers

By the end of December 3rd, more than twenty thousand users had infected the virus and the number of infected computers was growing. In addition to infecting software in the computer, the extortion has been looking at smart hardware including routers and smart cameras.

Network security expert Wang Liang: after the infection of the blackmail virus, the user first felt that his desktop background was changed. For example, your Word document photos can’t be opened, and the file extension is modified.

The virus also steal users’ various account passwords, including Taobao, Tmall, Ali Wangwang, Alipay, 163 mailboxes, Baidu cloud plates, Jingdong, QQ accounts, suggesting that the infected users modify the above platform password as soon as possible.

An infection will pop up

Decryption tutorials and collection of two dimensional codes

Experts say, from multiple user machines and backstage data traceability, the source of the extortion virus is an easy language software called “account operation V3.1”, which can be directly logon to multiple QQ accounts for handover management.

The virus author first attacks a software developer’s computer and infect a module in a programming “easy language” that causes all developers to use “easy language” programming to carry the “extortion virus”. After downloading these “poisonous” software, the majority of users will infect the “extortion virus”.

Alipay and WeChat response

There are two main problems in the new “extortion virus”. One is how to solve the infection after a computer infection, and the second is whether there is a risk for WeChat to pay the account after the mobile payment is made for those infected with WeChat or Alipay scavenging.

For the first problem, network security experts say the extortion virus has been successfully cracked and related security products can intercept and kill the virus. Experts also suggest that computer users must develop the habit of backup important data and documents, at the same time, improve the awareness of daily operation and maintenance, and do a good job of data security prevention. In addition, it is the computer to make security patches and software updates in time, and the files that are blocked by the security software do not add trust or release, and download and install the software through regular channels.

For the second question, the 4 day, the Tencent responded that the first time has been banned for the blackmail author’s account, the two dimensional code is frozen, and the security of the WeChat user’s property and account is not threatened. Alipay security center also said that early targeted protection has been the first time to follow, and no Alipay account has been affected.

Of course, for the spread of the virus, especially the extortion of funds, network security and law enforcement departments should also act in time to allow the relevant personnel to take due legal responsibility.

Big / home / capital / see

(source: new network of CCTV News)

Editor of the current period: Li Zhaoyu

Proofreading of this period: Niu Huiying

Leave a Reply

Your email address will not be published. Required fields are marked *