actual description of the ransomware: <a href="http://www.bleepingcomputer.com/news/security/ransom32-is-the-first-ransomware-written-in-javascript/" rel="nofollow">http://www.bleepingcomputer.com/news/security/ransom32-is-th...</a><p>I thought it was going to be activex based, but actually it uses NW.js, interesting.<p>edit: actually the new ransomware in the article is this one: <a href="http://www.bleepingcomputer.com/news/security/the-new-raa-ransomware-is-created-entirely-using-javascript/" rel="nofollow">http://www.bleepingcomputer.com/news/security/the-new-raa-ra...</a><p>which does use WScript/ActiveX in its code so its windows only.