Mutated ransomware has overridden kill switch
Beijing authorities announced on Sunday that they have detected a new mutated version of the malicious ransomware WannaCry, and have urged all departments to take measures to prevent attacks.
The malware was first detected on Friday, and has so far affected institutions in more than 100 countries.
Beijing Cyberspace Administration, Beijing Public Security Bureau and the Municipal Commission of Economy and Information Technology jointly issued a notice on Sunday, saying that the mutated version, dubbed WannaCry 2.0, has managed to override its previous kill switch and can no longer be prevented from spreading. It is likely to spread faster, reported qianlong.com, a news portal affiliated with the Beijing municipal Party committee.
The notice urged departments to take measures to stop the virus attack, including updating operating systems and disconnecting affected computers from the Internet.
There was concern about the level of potential attacks from new versions that would hit on Monday morning, the BBC reported.
WannaCry, a new type of "worm" ransomware virus, broke out on Friday evening. Europe's police agency, Europol, called the attack "unprecedented," and warned a complex international investigation was needed to identify the culprits. The virus took control of users' files, demanding payments.
According to a release by the China National Petroleum Cooperation on Sunday, the company has recovered more than 80 percent of its network. The virus affected gas stations, preventing customers from using cards to pay, but now the company is recovering payments for gas filling cards, bank cards and third-party payments.
The virus has affected several thousands of computers from 29,372 domestic agencies. Among them, 4,341 education research agencies were the worst hit, said a report from the Threat Intelligence Center of the leading Chinese anti-virus software firm Qihu 360 on Sunday.
The report said that East China's Jiangsu and Zhejiang provinces are the most affected regions in China. Affected agencies cover universities, train stations, post offices, hospitals and government terminals, and the number is on the rise.
WannaCry is believed to use the EternalBlue exploit, which was developed by the US National Security Agency to attack computers running Microsoft Windows operating systems.
The virus poses serious challenges to international collaboration and demands a buildup of a cyberspace security community, Qin An, director of the China Institute of Cyberspace Strategy, told the Global Times.
Network weapons deployed by the US government have served as a core factor of the virus rampage, which again reminds the world of the great harm the US' network hegemony and its network weapons can bring about, Qin noted.
Chinese President Xi Jinping has stressed the importance of upholding cyberspace sovereignty, calling on all nations not to engage in "Internet hegemony."
