22 March 2018
AsiaNews.it Twitter AsiaNews.it Facebook
Geographic areas

  • > Africa
  • > Central Asia
  • > Europe
  • > Middle East
  • > Nord America
  • > North Asia
  • > South Asia
  • > South East Asia
  • > South West Asia
  • > Sud America
  • > East Asia

  • » 05/16/2017, 10.09


    Beijing, schools and government offices hit by Ransomware ... of North Korean origin (maybe)

    Over 10,000 schools and colleges hit. License distribution and credit card payment at service stations blocked. Suspicions settle on Lazarus group who work in China are under North Korea.

    Beijing (AsiaNews / Agencies) - China is among the countries most affected by the Ransomware cyberattack, suspected of having a North Korean origin. About 30,000 IP addresses were hit by the virus that "seized" all the files on a computer and demanded a ransom of $ 300 to release them.

    The attack hit at least 10,000 school institutions, especially universities. Among them, the South West University, which suffered paralysis of the internal network and payment system with student cards.

    The government offices worst affected include the department for motor vehicles, housing loans, etc. Many offices have had to suspend services and update their systems, while driving licenses were suspended in many cities.

    Even China National Petroleum Corp's service stations were hit the putting the credit card and online payment system out of use. The company said that at least 80% of its stations have now resumed normal activities.

    China is the most affected because it is the nation with the greatest number of Internet users - about 700 million - and perhaps - as experts say - because computers are not updated and suffer from poor maintenance.

    But there is another reason: China may be the most affected because it was the first to be in the hacker's sights. Security experts point out that the date marked on the original Ransomware code is UTC + 9, that is, the Beijing time zone, and the text demanding a ransom, while in English, has a part written in Chinese.

    Suspects focus on a group called "Lazarus," responsible for hacking Sony in 2014 and a Bangladeshi bank in 2016. Many think that the Lazarus group is based in China but works in  for North Korea.

    Other security companies are doubtful: the link with North Korea is not so obvious, nor the one to Lazarus of the latter attack. It is also possible that hackers have simply copied the virus from previous Lazarus attacks.

    The virus exploits some vulnerabilities in the Microsoft Windows program. Last March, the company issued a corrective update, but most likely not everyone updated their system. Yesterday Microsoft also accused the national security agencies of being superficial and asked governments to point out computer vulnerabilities to sellers rather than storing them, selling them, or exploiting them for possible cyber-wars. 

    e-mail this to a friend Printable version

    See also

    15/05/2017 11:19:00 ASIA
    Ransomware cyberattack due to governments carelessness

    Microsoft warns national security agencies not to "store up" viruses – to only let them leak- but to make them known. South Korea, almost untouched. Russia, Britain, Germany, France hit as well as universities in China, Italy and Greece.

    05/07/2017 13:51:00 KOREA-UN
    Doubts surround power of Pyongyang missiles. Moon decides to follow the path of sanctions and dialogue

    Kim Jong-un's rhetoric: The Missile, "a gift to American bastards," on Independence Day. "Now we can hit the whole world." But the missile may have disintegrated into the air, on re-entering the atmosphere. Doubts about the ability to miniaturize nuclear warheads to be included in the missile cone. At the UN Security Council, the US will seek further sanctions. Seoul reiterates the importance of the path of dialogue. Antonio Guterres: The international community must remain united.

    Sony Pictures pulls 'The Interview' following threats from pro-North Korea hackers
    The comedy mocks North Korean dictator Kim Jong-un by concocting a CIA plot against him. Hackers steal sensitive company emails, posts their content, and warn viewers they might be victims of another 9/11.

    03/04/2017 11:35:00 US-CHINA-NORTH KOREA
    Trump ready to 'solve the North Korea problem' even without China

    Growing threats while approaching the meeting between Donald Trump and Xi Jinping in Florida. Beijing fears a collapse of the regime and a flood of refugees. But according to some it is "using" the threat of Pyongyang to hold off Seoul, Tokyo and Washington. The problem of US foreign debt to China.

    08/03/2017 10:24:00 CHINA - KOREA
    Wang Yi: No to Thaad anti-missile system

    The Chinese foreign minister calls on Pyongyang to stop its nuclear program and US-Seoul to cancel the military exercises. "Two accelerating trains, coming toward each other with neither side willing to give way". Beijing fears Thaad radar could be used for espionage. Boycott of Korean goods. Korean Church against Thaad because it is dragging the peninsula into a "new Cold War".

    Editor's choices

    Putin's victory seen from West and East

    Xi Jinping sent a highly congratulatory message. Japan and Germany issued polite words. The Observatory for Security and Cooperation in Europe criticised restrictions on fundamental freedoms. Tensions with Britain remain over the ex-spy poisoning. For Chinese scholar, as the West continues to attack Russia and China, the two will move closer.

    NPC: silence on constitutional amendment, scripted media coverage

    John Ai

    Spokespeople provide scripted answers to scripted questions. Various “foreign” media are funded by China as propaganda tools. The end of term limits for Xi Jinping is the will of the people even though the people did not know about it.


    AsiaNews monthly magazine (in Italian) is free.


    News feed

    Canale RSSRSS channel 


    IRAN 2016 Banner

    2003 © All rights reserved - AsiaNews C.F. e P.Iva: 00889190153 - GLACOM®