New (Windows) ransomware strain coded entirely in Javascript

BBC ^ | June 20, 2016

[Huntress]

Bump.

[Teacher317]

Why aren’t the penalties for the authors of such useless maliciousness far far harsher?

[Swordmaker]

You mean like drawing and quartering them? Personally, I think that’s too mild. The problem is it’s an international crime which takes place in a virtual crime scene. What they steal is really never removed from your premises, and has no physical existence: it’s virtual property. Often, the victim did the damage themselves by installing something. The victims are in the USA, the ones committing the crime are in Siberia or China or Nigeria, or somewhere else equally untraceable and inaccessible, and they demand their payoff in untraceable, instantly transferable, virtual money, bitcoins. How do you find them, much less arrest them?

[NoLibZone]

Easy to add a Registry entry to prevent JS from running outside of a browser.

[raybbr]

Does that fix work for all users out do you have to do that for every user?

[Fresh Wind]

They’re in Russia, therefore untouchable.

[A Cyrenian]

bttt

[rarestia]

Yes, let’s trash the entire Windows platform because a group of idiots code a PLATFORM AGNOSTIC ransomware app in a popular web scripting language. Bravo. That’s the way to go!

[AppyPappy]

Change .js files to open in Notepad.

[AppyPappy]

A user who is too stupid to keep Windows secure is not going to last a week using Linux.

[arl295]

Since it is in the local machine key, I would say it is for all users of that machine

[rarestia]

I’m a Microsoft (certified) engineer and work a lot in RHEL and Debian, and even though I check netstat, top, and iptables on a regular basis, I still worry about whether or not I’ve secured my Linux servers.

[mad_as_he$$]

bkmk

[GingisK]

Same problem. They broke the “sandbox”.

[Excellence]

I never download email to my computer; it’s on Microsoft’s server. Does that make a difference?

[JimRed]

Don’t open unknown attachments. Don’t trust known attachments without confirming the source.

[raybbr]

Yes, it is. I tested it on other user accounts.

BTW, does anyone know how/if this would affect Windows phones?

[sagar]

The “entire Windows Platform” is a giant ransomware. Businesses are losing billions because they cannot escape it once they get into it. How many are still running IE6/Win7? Talk about throwbacks.

[rarestia]

...giant ransomware? What’s your angle? Microsoft is hands down the largest operating platform for business.

IE6? Microsoft stopped supporting anything earlier than IE10 last year. What are you on about? Do you understand production support lifecycle at all?

[GOPJ]

Do you know if my ‘noscript’ will stop this from infecting my computer?