Ransomware Just Got Worse By The Use of JavaScript

by - 7 years ago


Ransomware is probably one of the peskiest and most annoying things that your computer can catch. Not only do you lose access to your files, you have to pay a criminal to release them again. Even if you should choose to pay, there is no guarantee what-so-ever that the criminal will release the files again or hide more malware to hit you again once you are “free”. If that wasn’t bad enough, a new version of Ransom32 has arrived that exploits JavaScript in order to infect you and worst of all, barely any anti-virus and anti-malware programs will catch it at this time.

While all this sounds bad, there are ways to protect yourself and if you use common sense while surfing the web, then you should be safe anyway. Stay away from dubious websites and don’t touch any archive or executable downloaded from anything but official manufacturer websites. But let us get back to the new malware in question, the ransomware called Ransom32.


Ransom32 is built on the NW.js-Framework which was developed to build desktop applications on a javascript base. A really cool framework by the way. That, unfortunately, means that where we usually only see Windows users that are at risk, those with Linux and MacOS are equally vulnerable to Ransom32. Thanks to the use of this framework, the ransomware is able to get past the sandbox environment that JavaScript runs in these days.

The security researcher Fabian Wosar from EmsiSoft discovered the new Ransom32 as a self-extracting RAR-Archiv. If that archive is unpacked, it will hide in your temp folder and disguise itself as the Chrome web browser and be visible as Chrome.exe. This is where advanced users already had noticed it and not used any automatic-unpack function. However, should the new chrome.exe be executed, then it will start to encrypt all your files with AES-128 bit CTR-mode and also place itself firmly in the systems autostart features.


The Ransom32 creators have also made it very easy for people to use their tool. Evil minded people can access the tool via a Tor address. When on the site, they can customize the tools features before downloading it. The creators reportedly also use the same network for their control servers and connections. To top the whole thing off, the creators take 25 percent of the accumulated ransoms for themselves, and everything stays anonymous thanks to the use of Bitcoins.


We can only hope that the virus scanners and anti-malware tools get an update soon so the less tech-minded people won’t get infected by this nasty new piece of software. You can also read a lot more details about this new piece of software on the EmsiSoft blog.

Article Index

Author Bio

8 Comments on Ransomware Just Got Worse By The Use of JavaScript

  • Avatar staticfx says:

    yet another reason that I believe Bitcoins should be illegal.

    • Oh look, another bitcoin hater.

      Ransomware has been around long before the public release of BTC. All the people who distribute the

      • Avatar Ravi Parekh says:

        I dont like the tone of your post, it makes you sound like a dick.

        • Avatar Druccy LaMandrake says:

          Yea he may sound like a dick but he knows what he is going on about unlike the rest of you ignoranuses.

          • Avatar Ravi Parekh says:

            Yet I didn’t say enough about the topic for you to judge if I know what I’m ‘going on about’ or not…

    • Avatar RacistPenguin says:

      Guns kill people, they should be illegal.
      You can stab someone with a knife, they should be illegal.
      You can strangle someone with a rope, they should be illegal.
      You can suffocate someone with a pillow, they should be illegal.

      See where I’m going with this?

      • Avatar staticfx says:

        Guns should not be illegal. neither knives, ropes, etc. No… see my point is that its too easy to cover your tracks with bitcoins. Guns, ropes, knives, all physical items that are traceable. bitcoins… nope. Drug money, laundering, illegal purchasing, etc… there is a big difference.

  • Saying bitcoin should be illegal because it is untraceable is stupid. Cash is basically also untraceable, are we going to make cash illegal because people use it to pay for drugs and crimes? Are we going to make the internet illegal because it has people who abuse it to harm others? No, because while some people will exploit these things for evil, there is still a perfectly good use for them, which isn’t breaking any laws. They are simply tools that can lead to evil, but are created and mostly used with good intent.

Related Posts