Four IT Security firms have inspected several ransomware-related attacks in the last few months and believe these attacks are carried from China.
The group also used advanced techniques to acquire access to the networks and used software to control intrusions. The Chinese Government said it would investigate this matter if given genuine proof.
Chinese Hackers Are Now Turning To Ransomware Attacks
Ransomware is a hacking attack that targets the user’s computer files by encrypting them and demanding money to unlock them. It is like a kidnapper demanding money if he holds a person hostage.
Phil Burdette from the incident response team at Dell SecureWorks said, “It is obviously a group of skilled operators that have some amount of experience conducting intrusions,”.
Burdette further said that his team observed how hackers circulated the ransomware after utilizing the notable vulnerabilities in application servers.
The hackers harmed about 100 computers, and the IT firm witnessed that 30 percent of its computers were affected. Besides this, the transport company was also affected, says the report.
Security firms Attack Research, InGuardians, and G-C Partners claimed that they analyzed three same ransomware attacks separately since December.
Dell said that other security firms had affiliated malicious software with a group named Cardoso, which carried out attacks on behalf of the Chinese Government, including U.S. defense companies.
Ransomware has been present since 1989, called an “AIDS” Trojan, and it usually propagates as a Trojan. Recently, Apple Mac users became the victims of the ransomware attack that was already downloaded 6000 times before the threat was spotted, says a developer whose product was infected with this malicious software. Later it was resolved.
Last Month, Malware was found on Android devices called Xbot, which targets banking details, and ransomware, which uses a method called “Activity Hijacking” to hack into android and steal banking credentials and personal information.