Vovalex is the first ransomware written in D. It is distributed by cybercrime via pirated software of popular Windows utilities

Vovalex is a new ransomware distributed through pirated software that impersonates popular Windows utilities, such as CCleaner. It has been discovered by the cybersecurity expert MalwareHunterTeam. According to Bleeping Computer, it could be the first ransomware written in D. When executed, the malware will launch a legitimate CCleaner installer and copy itself to the random file name in the %Temp%folder. It will begin to encrypt files on the drive and append the .vovalex extension to encrypted file’s names. Once done, it will create a ransom note named README.VOVALEX.txt on the desktop that asks for 0.5 XMR (Monero) to retrieve a decryptor. Today, it is unknown if it’s possible to decrypt the ransomware for free. However, Vovalex is not widely distributed at this time.