Tellyouthepass is one of the many ransomware-like programs that encrypt files and keep them encrypted until a ransom is paid. The application renames all encrypted files with the “.locked” suffix and generates a ransom note in the text file “README.html”.
This ransomware encrypts data using the RSA-1024 and AES-256 cryptographic techniques. The only option to decrypt files is to acquire a decryption program from Tellyouthepass’s makers.
As reported by BleepingComputer, TellYouThePass ransomware has resurfaced as Golang-compiled malware, making it simpler to attack additional operating systems, particularly macOS and Linux.
The use of Golang is prompted by the fact that Golang is a programming language that was initially embraced by malware programmers in 2019 because of its cross-platform adaptability. Furthermore, Golang supports the packaging of required libraries into a single binary file, resulting in a reduced footprint of command and control (C2) server connections and, as a result, lower detection rates.
It is also easier to learn than other programming languages, such as Python and has current debugging and plugin tools that make programming easier.