First-Ever Ransomware Written in GoLang Is a Dud
Security Update : The first ever ransomware variant detected written in Google’s Go programming language isn’t the success its authors hoped to be, with researchers cracking its encryption and releasing a free decrypter.
Detected under the generic name of Trojan.Encoder.6491, this ransomware variant appeared only three days ago.
According to Dr.Web, an antivirus maker based in Russia, the ransomware is currently spread via a file named Windows_Security.exe, most likely masquerading as a Windows Security update, just ahead of this month’s Patch Tuesday.
Trojan.Encoder.6491 uses an encryption scheme that relies on the AES algorithm and targets to encrypt 140 file types while also avoiding core Windows directories so not to mess up the target’s PC.
You can spot Trojan.Encoder.6491 by the way it renames files after it encrypts them. The ransomware takes a file named photo.png and encodes its name using the Base64 algorithm, app… (read more)