Friday, January 31, 2025
Follow us On Linkedin
HomeComputer SecurityGandcrab Ransomware Attack on Chinese Government Internal Network

Gandcrab Ransomware Attack on Chinese Government Internal Network

Computer SecurityCyber Security NewsRansomware

Published on

By Balaji
Gandcrab Ransomware Attack on Chinese Government Internal Network

Free Webinar DevSecOps Hacks

SIEM as a Service

Follow Us on Google News

Hackers launched ransomware attacks on Chinese Government department and infected their internal computer network to lock the file and demand the ransom.

The Gandcrab Ransomware is a widespread Ransomware, nowadays it evolves with newly updated features under constant development, to target various countries.

Cybercriminals initiated this attack from outside of the country to target the government departments network.

The attack starts from March 11, 2019, using recently updated GANDCRABV5.2 latest upgraded ransomware version in February 2019 with newly added functionalities.

Gandcrab ransomware was distributed through various form of attacks such as social media campaigns, exploit kit, weaponized office documents, and compromised websites.

In this case, attackers launched this ransomware via spam email campaign with a malicious file attachment which has dropped into the Chinese Government network.

China’s National Network and Information Security Information Center have reported to the country officials that attackers are targeting government department website emails to drop this Gandcrab ransomware.

Malicious Emails contain version 5.2 of the GandCrab ransomware hidden as an archive named “03-11-19.rar.”

Further investigation reveals that it will encrypt the hard disk data of the user host and let the victim user access the URL to download the Tor browser.

In this case, Attackers demand the ransom via digital currency, for that ransomware open the digital currency payment window and asks the victim to pay the ransom.

The demanded ransom sum is not disclosed in the statement and Chinese government officials are yet to disclose the damages that caused by this Ransomware attacks.

All units are required to conduct risk warnings, investigate, and report any future attacks. Officials said.

Related Read : Ransomware Attack Response and Mitigation Checklist

Previous GandCrab Ransomware Attacks

Torrents Sites Banned A Famous “CrackNow” Torrent Uploader that sharing GandCrab Ransomware

Beware of Malicious Word Documents that Downloads the Ursnif Malware and GandCrab Ransomware

Hackers Launching Fallout Exploit Kit with New Flash Exploits That Delivers GandCrab Ransomware

Hackers Launching Gandcrab Ransomware via Super Mario Image Using Weaponized Excel Document

New Malvertising Chain that Steals Confidential Information and Encrypts With GandCrab Ransomware

Balaji
Balaji
BALAJI is an Ex-Security Researcher (Threat Research Labs) at Comodo Cybersecurity. Editor-in-Chief & Co-Founder - Cyber Security News & GBHackers On Security.

Latest articles

CVE/vulnerability

VMware Aria Operations Vulnerabilities Allow Attackers to Perform Admin-Level Actions

VMware has released a critical security advisory, VMSA-2025-0003, addressing multiple vulnerabilities in VMware Aria Operations...
cyber security

Malware Discovered in Healthcare Patient Monitors, Traced to Chinese IP Address

The Cybersecurity and Infrastructure Security Agency (CISA) has issued a critical advisory regarding multiple...
AI

Jailbreaking DeepSeek: Researchers Reveal Three New Methods to Override LLM Safety

Researchers at Palo Alto Networks' Unit 42 have revealed a troubling surge in large...
Botnet

Phorpiex Botnet Distributes LockBit Ransomware Through Compromised Websites

Cybereason Security Services has published a comprehensive threat analysis highlighting the resurgence of the...

API Security Webinar

Free Webinar - DevSecOps Hacks

By embedding security into your CI/CD workflows, you can shift left, streamline your DevSecOps processes, and release secure applications faster—all while saving time and resources.

In this webinar, join Phani Deepak Akella ( VP of Marketing ) and Karthik Krishnamoorthy (CTO), Indusface as they explores best practices for integrating application security into your CI/CD workflows using tools like Jenkins and Jira.

Discussion points

Automate security scans as part of the CI/CD pipeline.
Get real-time, actionable insights into vulnerabilities.
Prioritize and track fixes directly in Jira, enhancing collaboration.
Reduce risks and costs by addressing vulnerabilities pre-production.

Register Now

More like this

CVE/vulnerability

VMware Aria Operations Vulnerabilities Allow Attackers to Perform Admin-Level Actions

VMware has released a critical security advisory, VMSA-2025-0003, addressing multiple vulnerabilities in VMware Aria Operations...
cyber security

Malware Discovered in Healthcare Patient Monitors, Traced to Chinese IP Address

The Cybersecurity and Infrastructure Security Agency (CISA) has issued a critical advisory regarding multiple...
AI

Jailbreaking DeepSeek: Researchers Reveal Three New Methods to Override LLM Safety

Researchers at Palo Alto Networks' Unit 42 have revealed a troubling surge in large...

GBHackers on Security is a top cybersecurity news platform, delivering up-to-date coverage on breaches, emerging threats, malware, vulnerabilities, and global cyber incidents.

Company

Trending

Categories

Copyright @ 2016 - 2024 GBHackers On Security - All Rights Reserved