Ransomware has traditionally involved advanced exploitation of desktop vulnerabilities, gaining the Windows equivalent of root, and encrypting the file system in such a way that the user can only get out of it by making a payment. Police departments, along with thousands of everyday users, have been impacted. Often in the case of police departments, phishing was involved.
Ransom32 relies on a fork of Node.js known as NW.js. After the malware pusher has configured and downloaded an archive of the software, they are left with a set of files that they must then get onto target systems. This can be the difficult part, especially with this particular piece of software, which clocks in at more than 20 megabytes. The victim has to be somewhat dedicated to get hold of a file that size, but this can be achieved with relative ease if the payload is passed off as a phony download of something popular. For example, it could simply be made to look like a movie or similar on a torrent site.
For a more in-depth look at Ransom32, check out this blog post by Emsisoft, which also provides antivirus software for Windows that inoculates against Ransom32, among a host of other things. From there:
We consider ransomware one of the biggest threats of the past year and plan to do our best to continue our excellent track record in the next year, to keep our users as protected as possible.
The standard recommendation should also be added here: in 2016, you do not have to use Windows to get work done. It is quickly becoming the platform of gamers, not workers, and your choices are myriad.