Cloning WannaCry, a new ransomware named Wannalocker is being spread in China increasing. The new ransomware, Wannalocker is preying on Android OS through gaming forums impersonating itself as “King Of Glory” plugin.
The ransomware was first recognized by Qihoo 360, a Chinese security firm, while Avast detected it and coined it as WannaLocker. WannaLocker clones most of its features from the widespread WannaCry encrypting files on external storage of the Android device that it hit. This is not the first time Android users have been targetted. Earlier, I posted about a malicious app that was found on Google Play which was spreading Ransomware.
Unlike WannaCry, WannaLocker is targeting specific file types that include files that are bigger than 10 KB and that begin with “.” character; and ignores the ones with “DCIM”, ”miad” and “com” in their path After it has entered the device, it encrypts files while staying hidden in the app drawer.
The ransom amount that is being demanded by WannaLockers to decrypt the files is 40 Chinese Renminbi which is worth US$ 5-6 approximately to be paid through QQ, Alipay or WeChat. The amount is far less than what was demanded by other such ransomware and we can note from this that hackers do not have a specific target but want to make money and fast. Given the intelligence agencies and security firms in China, it wouldn’t be hard to trace the money and catch the hackers.
Although the virus has just hit China, for now, it may spread far. Having a good protection of you data and files is always a good idea, no wonder when more such ransomware hit your device demanding bigger ransom amounts. Although we can never really tell how and when will another ransomware bypass your security, here are few tips and measures for you to be protected against such malware.
So this was about WannaLocker, a new Ransomware spotted targeting Android users in China. Be safe and don’t fall in a trap for such free games, hacks, cheats or any plugin just like Kings of Glory in this case.
Erebus Linux Ransomware Attacks South Korean Firm, Pays $1M Ransom!
Locky Decrypter: How to Remove Locky Ransomware?
Your email address will not be published.Required fields are marked *
This site uses Akismet to reduce spam. Learn how your comment data is processed.
Hit enter to search or ESC to close