Security researchers have discovered that ransomware typically used to target English-speaking victims, is moving to Asian countries. A new variant dubbed “Crypt0l0cker” has been customized for at least two East Asian countries, according to Security firm Symantec. This variant changes its ransom message’s default language depending on the IP address of a victim’s computer. The message will appear in English if no default language is selected. The ransomware is coded to communicate in Japanese, Hangul, and Korean, although the Japanese and Korean messages appear to be written by non-native speakers or an online translation service. This campaign asks for 1.8 bitcoins or roughly $400 as ransom to release a victim’s files. The majority of attacks target Korea, followed by Malaysia and then Japan. Symantec said this could be the first ransomware to customize languages in the Far East.
IT Security News
The information provided herein is on "as is" basis, without warranty of any kind.
Mauritian Computer Emergency Response Team (CERT-MU)
National Computer Board
7th Floor, Stratton Court
La Poudriere Street