ESET Warns Against a Wave of Infected E-mails
Created: 2016-03-11 00:00:00
ESET® warns users against an increased number of infected emails containing a malicious attachment, which downloads and installs ransomware onto an infected device. When opened, it encrypts victims‘ files on thier PCs and requires a ransom for decryption.
ESET telemetry detects this malicious downloader as JS/TrojanDownloader.Nemucod and records its unusually high incidence in Europe, North America, Australia and Japan.
Nemucod is wide-spread via emails, which contain attached zipped files. Emails are written in a very trustworthy way, claiming to be invoices, notices of appearance in court or other official documents. Attackers are just trying to get users to open the malicious attachment that contains a JavaScript file, which after it is opened, donwloads and installs Nemucod to the victims PC. Nemucod is known for downloading a diverstiy of other malware available in-the-wild.
“Nemucod currently downloads mainly ransomware, for example TeslaCrypt or Locky. These encrypt the data on the victim‘s computer and demand ransom,” says Peter Stančík, Security Evangelist at ESET.
Both TeslaCrypt and Locky ransomware use encryption standards similar to those used by financial institutions when securing online payments.
How to protect against this threat:
| • | Do not open attachments sent to you in emails from unknown senders. |
| • | Warn colleagues who most frequently receive emails from external sources – for instance financial departments or human resources. |
| • | Regularly backup your data. In case of infection, this will help you recover all your data. An external disc or other storage should not remain connected to computer in order to avoid infection by filecoder. |
| • | Regularly install updates of your OS and other software you use. If you still use Windows XP, seriously consider moving to other, supported operating system of Windows. |
| • | Security software must also be used with all updates installed, ideally with the latest version. IT security vendors are packing new versions of their software with additional scurity features. |
| • | Users of ESET solutions are protected when ESET LiveGrid® Reputation System is turned on. This technology protects users‘ devices against ransomware by actively blocking their processes. |
About ESET
ESET®, the pioneer of proactive protection and the maker of the award-winning ESET NOD32® technology, is a global provider of security solutions for businesses and consumers. For over 26 years, the Company continues to lead the industry in proactive threat detection. By obtaining the 80th VB100 award in June 2013, ESET NOD32 technology holds the record number of Virus Bulletin "VB100” Awards, and has never missed a single “In-the-Wild” worm or virus since the inception of testing in 1998. In addition, ESET NOD32 technology holds the longest consecutive string of the VB100 awards of any AV vendor. ESET has also received a number of accolades from AV-Comparatives, AV-TEST and other testing organisations and reviews. ESET NOD32® Antivirus, ESET Smart Security®, ESET Cyber Security® (solution for Mac), ESET® Mobile Security and IT Security for Business are trusted by millions of global users and are among the most recommended security solutions in the world.
ESET recently updated its two-factor authentication (2FA) application, adding a secure validation to weak and static user passwords. This updated version of ESET’s 2FA application provides flexibility and deeper integration of 2FA into bespoke applications, making it the best cost-effective solutions for SMBs everywhere.
The Company has global headquarters in Bratislava (Slovakia), with regional distribution centers in San Diego (U.S.), Buenos Aires (Argentina), and Singapore; with offices in Jena (Germany), Prague (Czech Republic) and Sao Paulo (Brazil). ESET has malware research centers in Bratislava, San Diego, Buenos Aires, Singapore, Prague, Košice (Slovakia), Krakow (Poland), Montreal (Canada), Moscow (Russia) and an extensive partner network for more than 180 countries. For more information visit www.eset.sg or follow us on Facebook and Twitter.
About Version 2 Limited
Version 2 Limited is one of the most dynamic IT companies in Asia. Headquartered in Hong Kong, the Company develops and distributes IT products for Internet and IP-based networks, including communication systems, Internet software, security, network, and media products. Through an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 Limited offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which includes Global 1000 enterprises, regional listed companies, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.
Version 2 Singapore Pte Ltd is the local office of Version 2 Limited.
For more information, please visit www.version-2.com.sg or call (65) 6296-4268.
Join ESET at Facebook