RAA is delivered as a .js file. Criminals attach this file to spam email, frequently disguising it to look like a Microsoft Office document so that users might download and execute the code contained in the file. Emsisoft security researcher Fabian Wosar, in January of this year discovered Ransom32, the first ransomware family written in JavaScript, Ransom32 however was only coded in Node.js, and thieves continued distributing it as an executable. Continue reading this story here.