The dreaded WannaCry ransomware attacks are on the rise again, as two separate incidents of malware infection have been reported by a publishing firm in Delhi and LG's service centres in South Korea. The ransomware program has allegedly locked out around 200 computers of the publishing firm in India's capital using an encryption code, and demanding a ransom around $800 to $1000 in Bitcoin for unlocking access to each system.
This is the first ransomware attack reported in Delhi as earlier attacks were limited to isolated incidents in Andhra Pradesh, Gujarat, Kerala and West Bengal. Around 200 computers have been affected by WannaCry at Rachna Sagar Private Limited in Delhi on August 9, according to a recent report by Indian Express.
Employees at the publishing firm have reported that the ransomware has locked out access to the live account of their accounting software, which is called 'Busy'. Consequently, their access has been limited to the demo mode ever since the attack took place and they have been unable to conduct business transactions.
Here's what the company's general manager had to say regarding the ransomware attack:
"This morning, when we started our work and opened Busy software, we received a text message which said our files are encrypted. The message said we have to pay money to enable decryption of our files (sic)."
Meanwhile, police sources have reported that they were unable to trace the origin of the attack as the hackers have smartly used a proxy network while hacking into the computer systems.
In related news, self-service kiosks at the LG service centres in South Korea have been hit with a malware attack as they have stopped working since Monday morning. The government owned Korea Internet and Security Agency (KISA) has got the wind of the situation and has been working on preventing the spread of malware infection to other computers in the network.
KISA has suggested that the malware infection could be possibly related to WannaCry as the samples of malicious code found in LG's kiosks were remarkably similar to the WannaCry ransomware.
The cause of the attack is not yet known as an LG spokesperson has reportedly denied any damage to data or incidents of ransom being demanded. However, all the affected computers were immediately shut down to prevent any unforeseen damage or spreading of infection across the local network of computers.
It is not yet known if someone at the backend was tricked into installing the ransomware or if an insider had deliberately installed the malware into the systems. Nevertheless, the self-servicing kiosks have reportedly been restored to normalcy and are now fully functional.
