New supply chain attack in China - More than 1 lakh users infected
More than 1 lakh users in China have been hit by a supply-chain attack that is spreading rapidly. The number of users infected by the ransomware is increasing every hour.
The attacker is asking victims to pay about Nrs 160 (nearly $16) in ransom through WeChat Pay. According to the source, the code was injected through the programming software named "EasyLanguage". Since a large number of people use the software, the number of infected users is increasing, and the attack has targeted China only.
The code was designed in such a way that any application compiled with the "EasyLanguage" software will have the malicious code within it. All files are encrypted by this ransomware except those with gif, exe and tmp extensions. Huge ransomware attack in China in 2018.
They used a trick to bypass antivirus software. They signed the code with the trusted digital signature provider Tencent Technologies, avoiding encryption in some selected directories such as "Tencent Games, League of Legends, tmp, etc."
After the encryption is complete, the user is asked to pay 110 Yuan to the attackers via WeChat within 3 days for the decryption key. If the attackers are not paid within the given time frame, the data will be deleted by the attackers.
The ransomware is also collecting confidential login credentials for different government accounts as well as social media login credentials.
The team of experts found that the attackers lied about the decryption mechanism. The attacker stores a copy of the decryption key, which uses the XOR cipher, locally on the victim's system. So, Velvet Security has released a free ransomware decryption tool.
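Why a locally stored XOR key makes recovery possible, as an added example (not code from Velvet Security's tool or from the original page): XOR is its own inverse, so the key copy left on disk decrypts the files, and, going beyond the case described above, a known file header reveals a short repeating key. The repeating-key layout, the key value, the function names and the sample data are assumptions constructed for illustration.

```python
from itertools import cycle

# Well-known file signatures, used to confirm that a recovery produced sane data.
MAGIC = {b"\x89PNG\r\n\x1a\n": "png", b"%PDF-": "pdf", b"PK\x03\x04": "zip"}

def xor_bytes(data: bytes, key: bytes) -> bytes:
    """Repeating-key XOR (assumed layout). The same call encrypts and decrypts."""
    if not key:
        raise ValueError("empty key")
    return bytes(b ^ k for b, k in zip(data, cycle(key)))

def identify(data: bytes):
    """Return the file type if data starts with a known signature, else None."""
    for magic, name in MAGIC.items():
        if data.startswith(magic):
            return name
    return None

def recover(ciphertext: bytes, local_key: bytes):
    """Decrypt with the key copy found on disk; accept only if the header is valid."""
    plain = xor_bytes(ciphertext, local_key)
    kind = identify(plain)
    return (plain, kind) if kind else (None, None)

def key_from_known_header(ciphertext: bytes, header: bytes, key_len: int) -> bytes:
    """Known-plaintext recovery: key[i] = cipher[i] XOR plain[i] for i < key_len."""
    if len(header) < key_len or len(ciphertext) < key_len:
        raise ValueError("not enough known plaintext")
    return bytes(c ^ p for c, p in zip(ciphertext[:key_len], header[:key_len]))

# Constructed sample: a fake PNG "encrypted" with a constructed 4-byte key.
PNG_MAGIC = b"\x89PNG\r\n\x1a\n"
SAMPLE_KEY = b"k3y!"
SAMPLE_PLAIN = PNG_MAGIC + b"constructed image body"
SAMPLE_CIPHER = xor_bytes(SAMPLE_PLAIN, SAMPLE_KEY)

if __name__ == "__main__":
    plain, kind = recover(SAMPLE_CIPHER, SAMPLE_KEY)
    print("recovered type:", kind, "| matches original:", plain == SAMPLE_PLAIN)
    print("key from header:", key_from_known_header(SAMPLE_CIPHER, PNG_MAGIC, 4))
```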
Question answer website Quora hacked
The very popular question-and-answer website Quora has been hacked, and the data of 100 million Quora users has been stolen. The CEO of Quora says that data such as usernames, passwords, comments, messages, votes, links, etc. has been stolen by the attacker.
Now, for prevention, Quora is logging users out and asking them to reset their passwords. You can find out about Quora's data breach in detail from here.
PewDiePie YouTube channel promoted - Is it hacked?
YouTube has been very interesting these days due to the competition between PewDiePie and T-Series. Many videos, articles and promotions have been made by their fans to promote the channels.
But it has been found that 50,000 printers have been hacked to promote PewDiePie.
The hacker says “PewDiePie is in trouble, and he needs your help to defeat T-Series!” The hacker used the open source hacking tool PRET (Printer Exploitation Toolkit).