The name of the new program is Goodwill. According to Cloudsek, which monitors digital risks, it is likely sponsored by a group from North Korea.

How do hackers work?

• When GoodWill is infected, it encrypts documents, photos, videos, databases and other important files on your computer, making them inaccessible without a decryption key.
• To get it, the victim needs to perform three actions, provide consent for this and post it on social media.
• Hackers have to give clothes to the homeless, feed five children of low-income families in cafes, and donate money to those who need emergency medical care but can’t afford it.
• Victims of the virus are asked, for example, to videotape the process of transferring clothes and provide photos of the controls, the target that actually feeds the kids at Dominos Pizza Hut or KFC – apparently, it should be brought specifically to those networks.
• To help those who need medical care, you must go to the nearest hospital and then send dictaphone recordings, photos and videos.
• Finally, you must report on Instagram or Facebook that you “are a good person as a victim of the Goodwill racketeering program”.
• After performing all three actions, hackers check the media files sent to the victim and their posts on social networks.

If all the information provided is correct, the unknown criminals will share a complete decryption kit that includes a basic decryption tool, a password file, and a video tutorial on how to recover all important files.

GoodWill was first discovered in March 2022. Since April 2022, the hacker group that created it has been attracting the attention of Indian law enforcement: According to their version, Goodwill is supported by hackers from the DPRK.

Also learn about other high-profile hacking attacks:

• WordPress hacking: Hackers have created their own malicious code into a popular site management system. Now it redirects users to fake pages and various malicious sites.
• Russian hackers attacked Lviv web resources. They stole some of the working files and broadcast them in enemy telegrams. Racists reportedly want to overthrow the city government.
• Russian hackers attacked Eurovision during the final, but Italy managed to repel the cyber attack.
• Stormus hackers, also linked to Russia, may have hacked Coca-Cola. Experts doubt this.