RAA ransomware, dubbed RAA, is made entirely of JavaScript (JS) code. The malware is distributed via emails, posing as attachments with a.js file name. Once a file is opened, it starts its malicious process by scanning the victim machines and then encrypting select files. It will then demand a ransom of around $250. The only way to beat the threat is to follow security best practices and stay vigilant regarding the opening of suspicious or unknown emails. It also installs Pony, a well-known password stealer, from the poisoned JS file.”]
Source: https://securityintelligence.com/news/raa-ransomware-is-all-javascript-researchers-say/