New ransomware written entirely in JavaScript has appeared encrypting users files for a US$250 (£172, A$336) ransom and installing a password-stealing application.
Researchers @jameswt_mht and @benkow_ found the ransomware they dubbed RAA.
Bleeping Computer malware man Lawrence Abrams described the ransomware noting it is shipped as a JS file and uses the CryptoJS library for AES encryption.
“RAA is currently being distributed via emails as attachments that pretend to be doc files and have names like mgJaXnwanxlS_doc_.js,” Abrams says.
No Comments