Locky ransomware spotted using Javascript downloader

[Mihir :-)]

Content source

http://www.scmagazine.com/locky-seen-using-javascritp-downloader-instead-of-binary-or-macros/article/492071/

FireEye researchers spotted a Lockyransomware campaign using Javascriptdownloaders to infect users instead of macro- or binary-based downloaders.

Threat actors are sending the malicious downloaders using malicious .zip and .rar files disguised as invoices, corporate documents, tax information, and other seemingly benign files in order to spread the new downloader.

Read more Locky ransomware spotted using Javascript downloader

 

[hjlbx]

Just monitor\block cmd.exe, wscript.exe and cscript.exe to foil JS.Downloaders.

 

[LabZero]

Javascript malcode is now the Pandora's box..

 

[hjlbx]

Javascript malcode is now the Pandora's box..

The absolute worst... and we're just talking about discrete files here.

I'm not even sure what is possible with undiscovered\undocumented stuff that can bypass WSH or stuff like browsers that sometimes have their own built-in host process like\virtual machines.

 

[jamescv7]

No one pay attentions on Javascript which already we deal for every lives that can provide risks especially that many AV's bypass those silly scripts.

Tiny but deadly.