Free Republic
Browse · Search
General/Chat
Topics · Post Article

Skip to comments.

New (Windows) ransomware strain coded entirely in Javascript
BBC ^ | June 20, 2016

Posted on 06/20/2016 7:31:04 PM PDT by Swordmaker


The script is disguised as a document

Security researchers have discovered a new strain of ransomware coded entirely in Javascript, which could increase its chances of being activated. Unlike executable program files, Javascript documents do not always trigger a security warning on Windows or require administrator access to run.

Named RAA, the malware is disguised as a document and starts encrypting files immediately when opened.

One security expert said the approach was likely to fool many victims. "It's an interesting approach to ransomware," said Ken Munro of security company Pen Test Partners.

"Using Javascript as an attachment to an email is likely to result in many victims accidentally installing it."

(Excerpt) Read more at bbc.com ...


TOPICS: Business/Economy; Computers/Internet
KEYWORDS: computers; computing; crime; internet; javascript; malware; ransomeware; windowspinglist
Navigation: use the links below to view more comments.
first previous 1-2021-4041-47 next last
To: Swordmaker

Bump.


21 posted on 06/20/2016 11:29:10 PM PDT by Huntress ("Politicians exploit economic illiteracy." --Walter Williams)
[ Post Reply | Private Reply | To 1 | View Replies]

To: Swordmaker

Why aren’t the penalties for the authors of such useless maliciousness far far harsher?


22 posted on 06/20/2016 11:39:31 PM PDT by Teacher317 (We have now sunk to a depth at which restatement of the obvious is the first duty of intelligent men)
[ Post Reply | Private Reply | To 1 | View Replies]

To: Teacher317

You mean like drawing and quartering them? Personally, I think that’s too mild. The problem is it’s an international crime which takes place in a virtual crime scene. What they steal is really never removed from your premises, and has no physical existence: it’s virtual property. Often, the victim did the damage themselves by installing something. The victims are in the USA, the ones committing the crime are in Siberia or China or Nigeria, or somewhere else equally untraceable and inaccessible, and they demand their payoff in untraceable, instantly transferable, virtual money, bitcoins. How do you find them, much less arrest them?


23 posted on 06/21/2016 12:03:27 AM PDT by Swordmaker (This tag line is a Microsoft insult free zone... but if the insults to Mac users continue..)
[ Post Reply | Private Reply | To 22 | View Replies]

To: Swordmaker

Easy to add a Registry entry to prevent JS from running outside of a browser.


24 posted on 06/21/2016 12:33:21 AM PDT by NoLibZone (The US is now as corrupt as Mexico. Hillary will be rewarded. The US is only a Goldman Brand now.)
[ Post Reply | Private Reply | To 1 | View Replies]

To: arl295

Does that fix work for all users out do you have to do that for every user?


25 posted on 06/21/2016 1:19:18 AM PDT by raybbr (That progressive bumpers sticker on your car might just as well say, "Yes, I'm THAT stupid!")
[ Post Reply | Private Reply | To 13 | View Replies]

To: Teacher317

They’re in Russia, therefore untouchable.


26 posted on 06/21/2016 3:05:34 AM PDT by Fresh Wind (Hey now baby, get into my big black car, I just want to show you what my politics are.)
[ Post Reply | Private Reply | To 22 | View Replies]

To: arl295

bttt


27 posted on 06/21/2016 4:24:17 AM PDT by A Cyrenian (Don't worry about stuffing the bus or filling the fridge. Try filling the Church.)
[ Post Reply | Private Reply | To 13 | View Replies]

To: sagar

Yes, let’s trash the entire Windows platform because a group of idiots code a PLATFORM AGNOSTIC ransomware app in a popular web scripting language. Bravo. That’s the way to go!


28 posted on 06/21/2016 5:34:11 AM PDT by rarestia (It's time to water the Tree of Liberty.)
[ Post Reply | Private Reply | To 4 | View Replies]

To: Swordmaker

Change .js files to open in Notepad.


29 posted on 06/21/2016 5:34:58 AM PDT by AppyPappy (If you really want to irritate someone, point out something obvious they are trying hard to ignore.)
[ Post Reply | Private Reply | To 1 | View Replies]

To: rarestia

A user who is too stupid to keep Windows secure is not going to last a week using Linux.


30 posted on 06/21/2016 5:36:48 AM PDT by AppyPappy (If you really want to irritate someone, point out something obvious they are trying hard to ignore.)
[ Post Reply | Private Reply | To 28 | View Replies]

To: raybbr

Since it is in the local machine key, I would say it is for all users of that machine


31 posted on 06/21/2016 6:26:09 AM PDT by arl295
[ Post Reply | Private Reply | To 25 | View Replies]

To: AppyPappy

I’m a Microsoft (certified) engineer and work a lot in RHEL and Debian, and even though I check netstat, top, and iptables on a regular basis, I still worry about whether or not I’ve secured my Linux servers.


32 posted on 06/21/2016 6:33:26 AM PDT by rarestia (It's time to water the Tree of Liberty.)
[ Post Reply | Private Reply | To 30 | View Replies]

bkmk


33 posted on 06/21/2016 6:39:36 AM PDT by mad_as_he$$
[ Post Reply | Private Reply | To 10 | View Replies]

To: arl295

Same problem. They broke the “sandbox”.


34 posted on 06/21/2016 8:47:45 AM PDT by GingisK
[ Post Reply | Private Reply | To 12 | View Replies]

To: Swordmaker

I never download email to my computer; it’s on Microsoft’s server. Does that make a difference?


35 posted on 06/21/2016 9:06:02 AM PDT by Excellence (Marine mom since April 11, 2014)
[ Post Reply | Private Reply | To 1 | View Replies]

To: Swordmaker

Don’t open unknown attachments. Don’t trust known attachments without confirming the source.


36 posted on 06/21/2016 9:58:06 AM PDT by JimRed (Is it 1776 yet? TERM LIMITS, now and forever! Build the Wall, NOW!)
[ Post Reply | Private Reply | To 1 | View Replies]

To: arl295; dayglored
Yes, it is. I tested it on other user accounts.

BTW, does anyone know how/if this would affect Windows phones?

37 posted on 06/21/2016 10:01:54 AM PDT by raybbr (That progressive bumpers sticker on your car might just as well say, "Yes, I'm THAT stupid!")
[ Post Reply | Private Reply | To 31 | View Replies]

To: rarestia

The “entire Windows Platform” is a giant ransomware. Businesses are losing billions because they cannot escape it once they get into it. How many are still running IE6/Win7? Talk about throwbacks.


38 posted on 06/21/2016 10:24:04 AM PDT by sagar
[ Post Reply | Private Reply | To 28 | View Replies]

To: sagar

...giant ransomware? What’s your angle? Microsoft is hands down the largest operating platform for business.

IE6? Microsoft stopped supporting anything earlier than IE10 last year. What are you on about? Do you understand production support lifecycle at all?


39 posted on 06/21/2016 11:00:53 AM PDT by rarestia (It's time to water the Tree of Liberty.)
[ Post Reply | Private Reply | To 38 | View Replies]

To: Viking2002

Do you know if my ‘noscript’ will stop this from infecting my computer?


40 posted on 06/21/2016 12:46:00 PM PDT by GOPJ (When a Muslim terrorist shoots up a gay bar, it's not gun violence.It's Islamic terrorism.Greenfield)
[ Post Reply | Private Reply | To 5 | View Replies]


Navigation: use the links below to view more comments.
first previous 1-2021-4041-47 next last

Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.

Free Republic
Browse · Search
General/Chat
Topics · Post Article

FreeRepublic, LLC, PO BOX 9771, FRESNO, CA 93794
FreeRepublic.com is powered by software copyright 2000-2008 John Robinson