Ransomware, typically used to target English-speaking victims, is moving to Asian countries.
A newly discovered variant, Crypt0l0cker, has been customized for at least two East Asian countries, according to Symantec. This variant changes its rahsom message’s default language depending on the IP address of a victim’s computer.
The message will appear in English if no default language is selected. The ransomware is coded to communicate in Japanese, Hangul, and Korean, although the Japanese and Korean messages appear to be written by non-native speakers or an online translation service.
This campaign asks for 1.8 bitcoins or roughly $400 as ransom to release a victim’s files and the majority of attacks target Korea, followed by Malaysia and then Japan.
Symantec said this could be the first ransomware to customize languages in the Far East.