Frauds committed via phishing site, trojan and network penetration is listed among the 10 scenarios that will receive severe punishment.
The notice on 4th Nov by Changzhou authority proposed 4 measures to prevent loss from bitcoin ransomware like web-surfing conduct, implementation of multi-level network security strategy, terminal protection and data backup and recovery. It’s unusual for a regulatory authority to issue an official notice aiming for a specific virus, probably the first of its kind in China.
Changzhou government released a warning against Bitcoin ransomware in November 2016
6. Regulation Earlier today, the Supreme People’s Court of China publicized an official interpretation on the telecom fraud and other criminal cases. Criminals who have committed frauds with value of more than 3,000 RMB of public and private property can be sentenced to less than 3 years imprisonment, 3 to 10 years imprisonment for 30,000 RMB and lifetime imprisonment for amount above 500,000 RMB.
This is the second time our lab experienced extortion by Bitcoin ransomware. We paid around 10,000 RMB. Please spread the words to those who have lots of research data, especially those who are about to graduate.
2. 2016 China Bitcoin ransomware report Cryptolocker is believed to be the first ransomware in the market when it was detected in 2013. The localization of similar virus came 3 years later when the first ransomware with Chinese instructions, Locky, was intercepted by Antiy, a Chinese internet security company.
3. Bitcoin payment is difficult for common users The third chapter in the report is about bitcoin payment. A sample survey indicates that 11.9% victims choose to pay the ransom to recover files, among which 58.4% are paid via taobao, 33.3% by following ransomware instructions and the rest by resorting to friends. However, not every payment attempt is successful. For those who seek payment via taboo, 92.9% of the victims eventually paid off successfully and recovered their files. Only 50% managed to pay via ransomware prompt instructions. The most unreliable means is through friends with zero success. In the end, 70.8% victims finally delivered the payment. That means bitcoin payment via self-education is not that easy. As Bitcoin is a censored word on taobao, I searched “ransom “instead and found an individual shop that offers to decrypt files at the price of 3, 600 RMB. 77 user comments are mostly praising the shop-owner’s timely service even in mid-night.
Bitcoin has two sides, just like any other coins in the history of mankind.
Obviously, the victim was seeking a free solution but he soon realized that he was left with only two options: to pay or to format. The decryption without private key is almost impossible. Comment from CharAznable is cold but realistic:
360 is the leading IT company in China, claiming to be the 1# internet security company in China with 600 million users, among which 1 million are enterprise accounts. The report soon became the source of many similar reports in China’s mainstream media.
Taobao shop that offers decryption service
The outbreak in the 2nd half of 2016 is said to be linked to a Trojan on a major financial website. In 2016, at least 4.97 million PCs were attacked and the number is expected to grow 10 times to 50 million in 2017.
Ransomware is a denial-of-access attack that prevents computer users from accessing files since it is intractable to decrypt the files without the decryption key. Ransomware attacks are typically carried out using a Trojan that has a payload disguised as a legitimate file. -Wikipedia
360 anti-ransomware service
Download the 21 page report full report(Chinese).
CEO, chairman, president and other core business leaders are most willing to pay a ransom, accounting for 25.0%. Because their computers often host core data that does not necessarily have backup files. On the other hand, none of the senior or secondary level of executives is willing to pay a ransom, mainly due to their files are usually backed up in their subordinates. The financial sector victims are most willing to pay a ransom, accounting for 33.3%, followed by 20.0% from the energy sector, 14.3% for the foreign trade sector, 9.6% for the IT / Internet, 7.9% for the manufacturing sector and 4.8% for the school. Financial employees often host important data related to investment, risk analysis etc.
4. Alternative solution At the end of the report, 360 offers to pay up to 200 bitcoin for enterprise users if they are infected. To enter into the agreement, users must turn on the anti-ransom service as described below:
The location of weibo indicates that she is earning her doctoral degree in the Institute of Hydrobiology of Chinese Academy of Sciences. Unfortunately the weibo was not reposted, not even once. Her voice was weak but she was not alone. Last month, one of the top 10 threads in Peking University BBS was a call for help from a victim of Bitcoin ransomware. The victim said he received an email in his PKU emailbox with a PDF attachment. He doubled click the file out of curiosity, then all of his files were locked. 3 bitcoins were demanded to decrypt the files and he was given a detailed instruction as below:
1. Individual and enterprise victims Wenting released a weibo one week ago, warning the Bitcoin ransomware. Her tone was serious:
The survey also reveals that the importance of data infected is the most important factor in choosing to pay or to format. The other three factors are monthly income, job position and related industry.
On 15th December. 360 Internet Security Center released an annual report of 2016 China Ransomware. Some figures are listed below:
That depends on how much you value your data.
In fact the breakout of ransomware is so rampant that a municipal government has to release an official warning on taking precautionary measures against Bitcoin ransomware, as first disclosed on 8btc forum.
5. 50 million PC targeted in 2017 In the first half of 2016, around 580,000 PCs were attacked and the number grew 8 times in the second half.
Qihu 360, the leading IT company in China, releases an annual report on the development of ransomware in China and predicts 10 times growth of potential victims or 50 million in 2017.
As per service agreement, if users PC got infected under the protection of 360 service, 360 promises to pay up to 3 bitcoins for individual and 200 bitcoins for enterprise accounts. Dr.Pei Zhiyong, the author of the annual report, points out that virus makers have to compete with technology advancements, finding loopholes to facilitate extensive propagation in the past. The more victims, the more profits they could make. But things have changed now with the combination of cryptography, Tor network and Bitcoin payment. These technologies are matures and easy to replicate. Bitcoin is the final link in the business model. Traditional virus must combat with anti-virus software to survive in the victim’s operation system. Now with one-time encryption, the victims have to delete the files or pay at least one Bitcoin, or 800 USD equivalent at today’s spot price. Such amount could only be achieved with thousands of infected terminals in the past.
The ransomware attacks from April to May 2016.
Ransomware attack from August to November
Alabama Securities Watchdog Hits 3 ICOs with Cease-and-Desists
The Alabama Securities Commission (ASC), the U.S. state's securities regulator, has joined its counterparts in Texas and New Jersey in hitting out at initial coin offerings (ICOs) that are soliciting
Bitcoin Faces First Close Below This Key Long-Term Support in 2.5 Years
Bitcoin risks closing below the 50-week moving average (MA) – an important long-term support not breached for over 2.5 years.
With the bears already on the offensive following the recent sell-off,
China MIIT’s Yu Jianing: Neither Blockchain Nor Bitcoin is A Bubble
May 23, Yu Jianing, the director of industrial economic institute of the information center of Ministry of Industry and Information Technology (MIIT), indicated that “neither blockchain nor bitcoin
Norfolk Southern the Latest Railway to Join Blockchain Transport Group
U.S. railway network Norfolk Southern has become the latest industry player to join the Blockchain in Transport Alliance.
One of less than a dozen Class I railroads in North America, Norfolk Southe
EY's Maritime Blockchain Insurance Tech Is Now Live
A group of companies piloting a blockchain-based insurance platform for the global shipping industry announced on Friday that the technology is now live in commercial use.
Dubbed Insurwave, the blo
ShipChain Pushes Back Against Securities Violations Claims
Supply chain startup ShipChain claims it was unaware its SHIP tokens were available to South Carolina residents in its first public response to the state's cease-and-desist order.
The blockchain co
Most Big Cryptos Dropped this Week – These Two Bucked the Trend
The cryptocurrency markets are set to end the second week of May on a low note.
The total market capitalization for all cryptocurrencies fell below $400 billion for the first time since April 26 on
Bitcoin tracking for slight weekly losses despite news of regulatory crackdowns
Bitcoin has held up relatively well this week despite negative headlines about regulatory crackdowns. For analysts with a long-term view, that price action fits with their thesis that increased