Ransom32 is a new family of Ransomware discovered by researchers from the security firm Emsisoft.
NW.js allows developers to create Windows, Linux, and Mac OS X desktop applications using JavaScript.
For now, only Windows PC appears to have been infected with Ransomware.
As with many threats, Ransom32 is generally distributed via spam campaigns.
This service allows any amateur to distribute the threat after setting up its customized version of Ransomware.
After each payment made by a victim, the funds are transferred to the account of the malware authors.
Therefore, they recover a 25% commission before repaying the rest of the money to distributors.
At registration, future distributors ransomware access an administration page where they can perform some configurations.
There, they can configure the malware (completely lock the computer, low CPU usage, etc.)
but also set the number of bitcoins paid by the victim.
This rather commended the encryption used by Ransom32.
It compares the original cryptolocker.
If Fabian could break ransomware many families in the past, he said this new variant is now indecipherable.
This software has malicious code, and the framework needed to execute the malicious software.
This means that Ransom32 is not counting on any existing framework on the users computer.
WinRAR file also includes information about configuring the malware.
