WannaLocker, a WannaCry ransomware look alike appears on Android


 An Android look alike of the WannaCry ransomware have been spotted in China.  According to Qihoo 360, the criminals are using gaming forums to spread a malicious app which they disguised as a plugin for a very popular game in China called "King of Glory"


Also Read: The Mirai threat: How Hackers could shut off 23 Countries access to the internet

The ransomware which has been named Wannalocker by Avast, uses AES encryption to lock files on the Android device and then appends a suffix to all encrypted files consisting of a mixture of Chinese and Latin characters. The ransomware only encrypts files below 10kb size due to limited resources and also to avoid crashing the Android OS running on the device. The ransomware dont encrypt files whose names starts with a dot or files located in folders such as "Android", "com", Download", "Maid", or "DCIM". 

What thing that baffles researchers is the fact that the creator choose to remain careless. The creator of the ransomware is asking those infected to pay the ransom fee of 40 Chinese Renminbi (about $6) through QQ, Wechat or Alipay and not Bitcoin! a simple directive from the Chinese government would have the receiver of the funds easily tracked down. 

Also Read: Head of Russian Church sprinkles Holy Water on computers to prevent cyber-attacks

Though not in support of this ransomware, security researchers were a bit impressed with the creator who managed to make this up, given to the reason that Ransomware on Android is still at a crude level.

;

No comments

Powered by Blogger.