Sectors
Companies
About
Subscribe

ESET warns against wave of infected e-mails

Issued by OFyt for ESET Southern Africa
Johannesburg, 18 Mar 2016

After recent activity and research around the world, ESET has managed to detect a malicious downloader under the name Nemucod, and warns users about an increased number of infected e-mails containing a malicious attachment, which downloads and installs ransomware onto an infected device.

When opened, it encrypts victims' files on their PCs and requires a ransom for decryption. This downloader is widespread via e-mails, which contain attached zipped files.

E-mails are written in a very trustworthy way, claiming to be invoices, notices of appearance in court or other official documents. Attackers are just trying to get users to open the malicious attachment that contains a JavaScript file, which, once opened, downloads and installs Nemucod to the victim's PC.

"Nemucod currently downloads mainly ransomware, for example, TeslaCrypt or Locky. These encrypt the data on the victim's computer and demand ransom," says Carey van Vlaanderen, ESET Southern Africa.

Both TeslaCrypt and Locky ransomware use encryption standards similar to those used by financial institutions when securing online payments.

See also
Ransomware: Are businesses the next target?
Public Wi-Fi: your security questions answered

The virus has been detected in Europe, North America, Australia and Japan - South Africa is prone to receiving such threats as well.

Here are a few tips on how to protect yourself against this threat:

* Do not open attachments sent to you in e-mails from unknown senders.
* Warn colleagues who most frequently receive e-mails from external sources - for instance, financial departments or human resources.
* Regularly backup your data. In case of infection, this will help you recover all your data. An external disc or other storage should not remain connected to the computer in order to avoid infection by filecoder.
* Regularly install updates of your OS and other software you use. If you still use Windows XP, seriously consider moving to other, supported, operating systems of Windows.
* Security software must also be used with all updates installed, ideally with the latest version. IT security vendors are packing new versions of their software with additional security features.
* Users of ESET solutions are protected when ESET LiveGrid Reputation System is turned on. This technology protects users' devices against ransomware by actively blocking their processes.

The map above shows the prevalence level of the Nemucod malware. The scale spans from 0% (deep green) to 75% (Japan).
The map above shows the prevalence level of the Nemucod malware. The scale spans from 0% (deep green) to 75% (Japan).

Share

ESET

Since 1987, ESET has been developing record award-winning security software that now helps over 100 million users 'Enjoy Safer Technology'. Its broad security product portfolio covers all popular platforms and provides businesses and consumers around the world with the perfect balance of performance and proactive protection. The company has a global sales network covering 180 countries, and regional offices in Bratislava, San Diego, Singapore, Buenos Aires and Cape Town. For more information, visit www.eset.co.za or follow ESET on LinkedIn, Facebook and Twitter.

Editorial contacts

Bianca Gardella
OFyt
bianca.gardella@ofyt.co.za