Creators of illicit software may have been the most vulnerable targets of a recent, apparently homegrown, ransomware effort in China.

Attacks were first reported on the night of December 1, according to antivirus software provider Huorong Security. The software encrypted important files in .doc, .txt, .jpg, and other formats, and also stole 20,000 passwords and other pieces of data from Taobao and Alipay platform users, among others. The attack affected only PCs, The Paper reports, and a majority of victims were likely illicit software creators or purveyors who often don’t use security software.

The incident marks the first time Chinese ransomware creators have used a (traceable) WeChat QR code to demand payment, with users asked for RMB 110 (around $16) to unlock their documents.

Start your free trial now.

Get instant access to all our premium content, archives, newsletters, and online community.

Monthly Membership

Yearly Membership

What you get

Full access to all premium content and our full archives

Members'-only newsletters

Preferential access and discounts to all TechNode events

Direct access to the TechNode newsroom

Start your free trial now.

Get instant access to all our premium content, archives, newsletters, and online community.

Monthly Membership

Yearly Membership

Bailey Hu

Bailey Hu is based in China’s hardware capital, Shenzhen. Her interests include local maker culture, grassroots innovation and how tech shapes society, as well as vice versa.