WannaCry was the biggest ransomware cyberattack of 2017 which affected 3,00,000 computers worldwide. The WannaCry worm used EternalBlue exploit to enter a Windows PC and takes advantage of the Microsoft's SMB protocol. After taking control over a Windows PC the WannaCry worm starts encrypting the files stored on the hard drive with the help of DoublePulsar. After encrypting the files the virus asks for a ransom which is to be paid within few days. If not paid the files will be deleted forever.
Microsoft released the MS17-010 patch which fixes the SMB vulnerability in Windows 7, Vista and Server 2008. If you have not installed this patch yet then read how to install MS17-010 update. After installing this patch your Windows PC can't be easily exploited by WannaCry. WannaCry spread at a faster rate but it only got a ransom of $82,000 with less than 200 payments. Now after the WannaCry cyberattack, hackers are targeting android smartphones in China with a new android ransomware known as WannaLocker.
The WannaLocker is spreading through Chinese game forums. The ransomware tricks a user by imitating itself as a plugin for the Chinese game King of Glory. When this plugin is downloaded and installed on the targeted android phone then it comes into play. First it hides it app icon from the app drawer and then changes the android home screen wallpaper to an anime image. After this it starts encrypting the files stored on the phone's external storage.
After encrypting the files it asks for ransom which is 40 Chinese Renminbi which equals $5.88 USD. The thing here to note is that the hackers behind WannaLocker are not using any kind of crytocurrency like bitcoins. The ransomware can be paid via QQ, Alipay and WeChat. Since the money sent via these services can be easily tracked then a question arises why the hackers are not using any cryptocurrency. Either they have made a mistake or they are a group of some notorious hackers that want to make quick money.
So if you haven't encountered this ransomware yet on your android smartphone then we suggest you to immediately install Avast Mobile Security. Avast Mobile Security detects and blocks this ransomware. Avast has already blocked the WannaCry ransomware 1 million times in 150 countries. So, it is advisable to keep your device safe by installing Avast Mobile Security.
Source: Avast Blog
You May Also Read
Get Blog Updates Via Email Subscribe Now
Please check your email for the verification link. Click on the verification link to start your email newsletter subscription.