JavaScript-based Ransom32 Makes Ransomware Easier Than Ever | Hacked: Hacking Finance

JavaScript-based Ransom32 Makes Ransomware Easier Than Ever

P. H. Madore

P. H. Madore has covered the cryptocurrency beat over the course of hundreds of articles for Hacked's sister site, CryptoCoinsNews, as well as some of her competitors. He is a major contributing developer to the Woodcoin project, and has made technical contributions on a number of other cryptocurrency projects. In his spare time, he recently began a more personalized, weekly newsletter at http://ico.phm.link


This article was posted on Sunday, 22:43, UTC.

Ransomware has traditionally involved advanced exploitation of desktop vulnerabilities, gaining the Windows equivalent of root, and encrypting the file system in such a way that the user can only get out of it by making a payment. Police departments, along with thousands of everyday users, have been impacted. Often in the case of police departments, phishing was involved.


Thanks to recent advances in JavaScript’s viability as a platform, as evidenced by what seem to be daily additions to the JavaScript framework market (Angular.js, Node.js, and so forth), a new ransomware is on the scene that lets the operator deploy the malware very quickly and easily. Operators even have a dashboard where they can designate the Bitcoin address to which the ransom is sent and how much they will ask for. The dashboard also has statistics, telling the malevolent actor exactly how much they have made from their endeavor.

Ransom32 relies on a fork of Node.js known as NW.js. After the malware pusher has configured and downloaded an archive of the software, they are presented with some files that they must then get deployed on target systems. This can be the difficult part, especially with this particular piece of software, which clocks in at more than 20 megabytes. The victim will have to be somewhat dedicated in getting hold of it, but this can be achieved with relative ease if phony downloads of popular things are used. One idea to deploy this might be to simply make it seem to be a movie or something on a torrent site.


Ransom32 does not affect Mac or Linux users, as it relies on the easy execution of an .exe file to achieve its ends. This is not to imply that the software cannot be ported to other desktop environments. Part of its success is that it utilizes JavaScript, a web-native language that exists literally everywhere. In the early days, JavaScript was used only for simple things like tracking downloads and warning users of certain things on web forms.

But now it’s grown into a much more formidable language, in some ways comparable to more advanced languages like C++. This trend doesn’t seem to be going anywhere, so readers are advised to continually be careful about browser extensions and downloads, even if it’s just JavaScript. Most browsers have an option to not enable JavaScript and other things by default, and in these times, it wouldn’t exactly be extreme to simply enable extra things manually for each site.

For a more in-depth look at Ransom32, check out this blog post by Emsisoft, which also happens to provide antivirus software for Windows that inoculates against Ransom32 among a host of other things. From there:

“We consider ransomware one of the biggest threats of the past year and plan to do our best to continue our excellent track record in the next year, to keep our users as protected as possible.”

The standard recommendation should also be added here: in 2016, you do not have to use Windows to get work done. It is quickly becoming the platform of gamers, not workers, and your choices are myriad.


Comments
  • AUTHOR Christian

    Posted on 12:39 am January 6, 2016.

    Note, the threat was discovered and analyzed by Emsisoft, not Emisoft.

  • AUTHOR Ashley Sheridan

    Posted on 10:53 pm January 7, 2016.

    Your article seems to be very confused between Javascript executed in the browser and that executed elsewhere, like within a Node server. Turning off Javascript execution in your browser will do absolutely nothing if you’ve downloaded a malicious torrent with this payload.
