home.aspx
 
. https://blogs.quickheal.com/jcry-ransomware-written-golang/
blog article
JCRY – A RANSOMWARE WRITTEN IN GOLANG
For several months, QH Labs has been observing an upswing in ransomware activity. We found a new ransomware which is written in Go lang. Malware authors are finding it easy to write ransomware in Go lang rather than traditional programming languages. Infection of Jcry ransomware starts with a compromised website. As shown in the above image, malware author tries to impersonate users by pretending to be an update of Adobe flash player and download malware on the user’s machine. Fig 1. contains a part of javascript hosted on the compromised domain, which downloads a malicious file from the given URL. Whenever an impersonated user clicks on the Update button and executes a malicious file with the intention of updating the flash player, malware starts its execution. READ MORE