Ransom32 — JavaScript-Powered Ransomware Affecting Windows

Ransom32 — JavaScript-Powered Ransomware Affecting Windows
Rate this post


Ransom32 is the New Year’s first Ransomware program which uses JavaScript and has ability to infect the Mac, Windows as well as the Linux machines. The very malicious computer threat has a dashboard which enables the victims too shows stats about how much Bitcoins they have already made. The very first copy of Ransom32 was detected by Emsisoft. It was found that this very hazardous and newly detected ransomware is embedded in self-extracting WinRAR archive and is using NW.js platform for penetrating into the victims’ computers. Once after it successfully infiltrates into your computer it will encrypt your system data with some 128-bit AES encryption.

Why Ransom32 uses NW.js Framework to Infiltrates

NW.js, is popularly known as Node-WebKit, which is a JavaScript framework used for app development based on Node.js and Chromium. NW.js framework allows for cross-platform infections and it’s also very harder to detect as it’s a legitimate framework.Ransom32 has some resemblance to CryptoLocker, which one of the common and the nasty Ransomware program. Ransom32 trade in dark web with the authors asking for 25 percent commission of all the ransom payments for offering its very service and rest of the amount will be forwarded to the operator’s Bitcoin address.

How Does Ransom32 Work?

Ransom32 is a nasty and dreadful Ransomware program that has been widely spread over Internet. Usually, this very malware infiltrates into your computer via opening spam emails. Additionally, it too comes bundled with downloaded freeware. As soon as it gets into your computer and successfully installed and launched it gets connected to command-and-control (C&C) server onto TOR anonymising network. It will encrypt victims system data and then after when you wish to access data it will display a note where users will get the Bitcoin address where victims are supposed need to pay money in order to recover their files.


How to Protect Yourself from Ransom32 Threat?

Ransom32 is deadly ransomware program and once infect your PC it can badly harm your PC. Here are some simple step given following which you can protect yourself from this threat:-

  • Never do open email attachments even coming from unknown sources.
  • Most Important, you should always browse the Internet safely(Avoid clicks to luring offer, try to avoid visiting infected websites, especially porn websites)
  • Never forget to keep regular backups of your important data.
  • Run an active anti-virus security suite of tools on your system.

Leave a Reply

Your email address will not be published. Required fields are marked *