RAA is the first malware made 100 percent from JavaScript

Posted on Tuesday, June 21 2016 @ 16:26 CEST by Thomas De Maesschalck
BleepingComputer warns cybercriminals have created new ransomware that is made entirely from JavaScript. Called RAA, this piece of ransomware uses the CryptoJS library to apply AES encryption to your files. It is spread via e-mails as attachments that pretend to be doc files, they have names like "mgJaXnwanxlS_doc_.js".

When a user opens the JS file, RAA encrypts files on the computer and demands a ransom of around $250 to get the files back. At the moment, the RAA ransomware is primarily spread in Russia.
RAA is currently being distributed via emails as attachments that pretend to be doc files and have names like mgJaXnwanxlS_doc_.js. When the JS file is opened it will encrypt the computer and then demand a ransom of ~$250 USD to get the files back. To make matters worse, it will also extract the embedded password stealing malware called Pony from the JS file and install it onto the onto the victim's computer.
Full details on how RAA works and how you can protect yourself can be found over here.

About the Author

Thomas De Maesschalck

Thomas has been messing with computer since early childhood and firmly believes the Internet is the best thing since sliced bread. Enjoys playing with new tech, is fascinated by science, and passionate about financial markets. When not behind a computer, he can be found with running shoes on or lifting heavy weights in the weight room.


Loading Comments

Share this story!

Latest news

Latest reviews