23 June 2017
AsiaNews.it Twitter AsiaNews.it Facebook
Geographic areas

  • > Africa
  • > Central Asia
  • > Europe
  • > Middle East
  • > Nord America
  • > North Asia
  • > South Asia
  • > South East Asia
  • > South West Asia
  • > Sud America
  • > East Asia

  • » 05/16/2017, 10.09


    Beijing, schools and government offices hit by Ransomware ... of North Korean origin (maybe)

    Over 10,000 schools and colleges hit. License distribution and credit card payment at service stations blocked. Suspicions settle on Lazarus group who work in China are under North Korea.

    Beijing (AsiaNews / Agencies) - China is among the countries most affected by the Ransomware cyberattack, suspected of having a North Korean origin. About 30,000 IP addresses were hit by the virus that "seized" all the files on a computer and demanded a ransom of $ 300 to release them.

    The attack hit at least 10,000 school institutions, especially universities. Among them, the South West University, which suffered paralysis of the internal network and payment system with student cards.

    The government offices worst affected include the department for motor vehicles, housing loans, etc. Many offices have had to suspend services and update their systems, while driving licenses were suspended in many cities.

    Even China National Petroleum Corp's service stations were hit the putting the credit card and online payment system out of use. The company said that at least 80% of its stations have now resumed normal activities.

    China is the most affected because it is the nation with the greatest number of Internet users - about 700 million - and perhaps - as experts say - because computers are not updated and suffer from poor maintenance.

    But there is another reason: China may be the most affected because it was the first to be in the hacker's sights. Security experts point out that the date marked on the original Ransomware code is UTC + 9, that is, the Beijing time zone, and the text demanding a ransom, while in English, has a part written in Chinese.

    Suspects focus on a group called "Lazarus," responsible for hacking Sony in 2014 and a Bangladeshi bank in 2016. Many think that the Lazarus group is based in China but works in  for North Korea.

    Other security companies are doubtful: the link with North Korea is not so obvious, nor the one to Lazarus of the latter attack. It is also possible that hackers have simply copied the virus from previous Lazarus attacks.

    The virus exploits some vulnerabilities in the Microsoft Windows program. Last March, the company issued a corrective update, but most likely not everyone updated their system. Yesterday Microsoft also accused the national security agencies of being superficial and asked governments to point out computer vulnerabilities to sellers rather than storing them, selling them, or exploiting them for possible cyber-wars. 

    e-mail this to a friend Printable version

    See also

    15/05/2017 11:19:00 ASIA
    Ransomware cyberattack due to governments carelessness

    Microsoft warns national security agencies not to "store up" viruses – to only let them leak- but to make them known. South Korea, almost untouched. Russia, Britain, Germany, France hit as well as universities in China, Italy and Greece.

    Sony Pictures pulls 'The Interview' following threats from pro-North Korea hackers
    The comedy mocks North Korean dictator Kim Jong-un by concocting a CIA plot against him. Hackers steal sensitive company emails, posts their content, and warn viewers they might be victims of another 9/11.

    03/04/2017 11:35:00 US-CHINA-NORTH KOREA
    Trump ready to 'solve the North Korea problem' even without China

    Growing threats while approaching the meeting between Donald Trump and Xi Jinping in Florida. Beijing fears a collapse of the regime and a flood of refugees. But according to some it is "using" the threat of Pyongyang to hold off Seoul, Tokyo and Washington. The problem of US foreign debt to China.

    08/03/2017 10:24:00 CHINA - KOREA
    Wang Yi: No to Thaad anti-missile system

    The Chinese foreign minister calls on Pyongyang to stop its nuclear program and US-Seoul to cancel the military exercises. "Two accelerating trains, coming toward each other with neither side willing to give way". Beijing fears Thaad radar could be used for espionage. Boycott of Korean goods. Korean Church against Thaad because it is dragging the peninsula into a "new Cold War".

    08/06/2017 09:43:00 KOREA
    Pyongyang launches new missiles. Moon blocks Thaad development

    The missiles launched today are not subject to the UN ban. They could hit "big ships". Further deployment of the US anti-missile system blocked for ecological reasons. Anti-Thaad protests in Seongju. Seoul is willing to continue intercultural relations with NGOs and charitable and religious organizations, but Pyongyang rejects them.

    Editor's choices

    Pope: The Churches of the East are alive, despite persecution and terrorism

    Receiving the participants at the "Reunion of Aid Agencies for the Oriental Churches" Assembly, Francis recommends the formation of the clergy. "Let us not forget that in the East even today, Christians - no matter whether Catholics, Orthodox, or Protestants - spill their blood as a seal of their witness."

    The German ambassador asks China to release Msgr. Shao Zhumin

    In an official statement posted on the embassy site, Michael Clauss asks that the detained bishop of Wenzhou, be given full freedom of movement. Concerns also expressed over drafts of the new regulations on religious activities, which decree the end of the underground communities. It is the first time after a decade that a European ambassador has called for the release of a bishop.



    AsiaNews monthly magazine (in Italian) is free.


    News feed

    Canale RSScanale RSS 

    Add to Google


    IRAN 2016 Banner

    2003 © All rights reserved - AsiaNews C.F. e P.Iva: 00889190153 - GLACOM®