A new variant of Ransomware, Ransom32, uses JavaScript to ease the process of attacking use systems with Ransomware and cause problems.
Ransomware has been the thorn in systems all over the world, be it personal computers or other systems, even those belonging to police departments. Ransomware is a malicious program that takes control over a host computer and then uses it to demand ransom from the victim.
As a consequence of ransomware, the system is encrypted in such a way that it can only be accessed by making a payment as ransom to an account mentioned. In this way, many people are forced into paying the hacker considerable sums of money in order to regain access to their systems and the data that is stored in it thereafter.
The Tor-based control panel for configuring Ransom32. Just click a few boxes, add some text, and you’re ready to extortion. Image Source: Emisoft.
Although ransomware is nothing new and has been attacking systems all over the world, a new variant of ransomware has made the job of infecting a system much simpler, thanks to JavaScript.
JavaScript has been used for a long time for simple things like tracking downloads, but its scope has grown so large these days that it is now virtually everywhere. Much of this has to do with the fact that JavaScript is a web-native language.
Ransom32 is so simple to use and deploy that the perpetrators have a dashboard at their disposal enabling them to even specify the amount to be demanded and the Bitcoin address to which the ransom has to be paid, along with providing statistics as to the amount accumulated by the act, according to Emisoft Chief Technology Officer Fabian Wosar.
After the attacker has configured and downloaded the NW.js fork of Node.js they acquire some files that are to be downloaded on the victim’s system. This can be a challenge, for the files are more than 20 MB in size. However, disguising the files as objects like movies can be a used as a workaround.
Image Source: Emisoft.
As of now, Ransom32 only affects Windows users, for its exploits the easy execution of .exe files to complete the job. However, there is little respite in this fact, for JavaScript is the underlying platform used in the attack. JavaScript’s popularity has seen it grow its area of availability and applicability by a lot of notches and so has the opportunity for attackers grown.
However, there are fixes like using the option in browsers not to enable JavaScript by default and manually using it on websites of your choice, which can be used as a precaution.
[src src=”Source” url=”http://blog.emsisoft.com/2016/01/01/meet-ransom32-the-first-javascript-ransomware/”]Emsisoft[/src]
[src src=”Top, Featured Image Via” url=”http://www.shutterstock.com/gallery-218530p1.html”]Shutterstock[/src]
