Security News > 2021 > January > Vovalex is likely the first ransomware written in D

Vovalex is likely the first ransomware written in D
2021-01-29 19:25

A new ransomware called Vovalex is being distributed through pirated software that impersonates popular Windows utilities, such as CCleaner.

While Vovalex is no different, what stands out to Advanced Intel's Vitali Kremez and MalwareHunterTeam, who found the ransomware, is that it may be the first ransomware written in D. 2021-01-29: #Vovalex #Ransomware ... in #Dlang or 'D'|x64 ~32mb Size.

When executed, the ransomware will launch a legitimate CCleaner installer and copy itself to the random file name in the %Temp%folder.

The ransomware will begin to encrypt files on the drive and append the.

When done, the ransomware will create a ransom note named README.VOVALEX.txt on the desktop that asks for 0.5 XMR to retrieve a decryptor.

If the threat actors partner with fake crack sites and adware bundles, similar to how STOP ransomware is distributed, then we may have a bigger problem on our hands.


News URL

https://www.bleepingcomputer.com/news/security/vovalex-is-likely-the-first-ransomware-written-in-d/