Blog | G5 Cyber Security

JSWorm: The 4th Version of the Infamous Ransomware

Malware researchers at Yoroi -Cybaze ZLab have analyzed the fourth version of the infamous JSWorm Ransomware. The malware encrypts all the user files appending a new extension to their name. Unlike other ransomware, the extension is composed by many fields, reporting the information the user needs to move on the ransom payment phase. During the encryption phase, the malware creates an HTML Application JSWRM-DECRYPT.hta in each folder it encounters.”]

Source: https://securityaffairs.co/wordpress/90811/malware/jsworm-4-ransomware-analysis.html

Exit mobile version