Security News > 2022 > January > TellYouThePass ransomware returns as a cross-platform Golang threat
TellYouThePass ransomware has re-emerged as a Golang-compiled malware, making it easier to target more operating systems, macOS and Linux, in particular.
The return of this malware strain was noticed last month, when threat actors used it in conjunction with the Log4Shell exploit to target vulnerable machines.
Golang is a programming language first adopted by malware authors in 2019 due to its cross-platform versatility.
A notable example of a successful malware written in Golang is the Glupteba botnet, which was disrupted last month by Google's security specialists.
Crowdstrike analysts report a code similarity of 85% between the Linux and Windows samples of TellYouThePass, showcasing the minimal adjustments needed to make the ransomware run on different operating systems.
Prior to initiating the encryption routine, TellYouThePass kills tasks and services that could risk the process or result in incomplete encryption, like email clients, database apps, web servers, and document editors.