sb-nz logo
Story image

ESET warns against wave of infected emails

Cyber security firm ESET is warning people against a wave of infected emails after discovering an unusual high record of a malicious downloader called Nemucod in several countries, including New Zealand and Australia.

Since March 11, there was a rapid increase in the number of infected emails containing a malicious attachment, which downloads and installs ransomware onto an infected device. When opened, it encrypts victims’ files on their PCs and requires a ransom for decryption.

According to ESET, Nemucod is spread via emails, which contain attached zipped files. Emails are written in a very trustworthy way, claiming to be invoices, notices of appearance in court or other official documents.

Attackers encourage users to open the malicious attachment that contains a JavaScript file, which after it is opened, downloads and installs Nemucod to the victim’s PC.

“Nemucod currently downloads mainly ransomware, for example TeslaCrypt or Locky. These encrypt the data on the victim’s computer and demand ransom,” says Peter Staník, security evangelist at ESET.

Both TeslaCrypt and Locky ransomware use encryption standards similar to those used by financial institutions when securing online payments, Stanki says.

In New Zealand, the Nemucod malware accounted for 40% of all malware detected by ESET protection systems.

In Australia, the Nemucod malware accounted for 33% of all malware detected by ESET protection systems.

How to protect against this threat:

  • Do not open attachments sent to you in emails from unknown senders.
  • Warn colleagues who most frequently receive emails from external sources – for instance financial departments or human resources.
  • Regularly backup your data. In case of infection, this will help you recover all your data. An external disc or other storage should not remain connected to your computer in order to avoid infection by filecoder.
  • Regularly install updates of your OS and other software you use. If you still use Windows XP, seriously consider moving to another, supported operating system of Windows.
  • Security software must also be used with all updates installed, ideally with the latest version. IT security vendors are packing new versions of their software with additional security features.
  • Users of ESET solutions are protected when ESET LiveGrid® Reputation System  is turned on. This technology protects users’ devices against ransomware by actively blocking their processes.
Story image
Video: 10 Minute IT Jams - Who is LogRhythm?
LogRhythm VP of sales for Asia Pacific Simon Howe, who discusses the company's primary offerings and services, what products the company is focused on for the future, and the infrastructure it has in the A/NZ market.More
Story image
Cisco report: Remote working is here to stay, making cybersecurity a top priority
"With this new way of working here to stay and organisations looking to increase their investment in cybersecurity, there’s a unique opportunity to transform the way we approach security as an industry to better meet the needs of our customers and end-users.”More
Story image
Majority of industrial enterprises face increase cyber threats since COVID-19
Leadership's top cyber security priority was implementing new technology solutions since the onset of the pandemic.More
Story image
UiPath and eSentire bring hyperautomation to Microsoft Security
UiPath and eSentire have announced a strategic partnership to deliver end-to-end security policy automation across multiple Microsoft Security services.More
Story image
Zoom to begin rolling out end-to-end encryption
Available starting from next week, it represents the first phase out of four of the company’s greater E2EE offering, which was announced in May following backlash that the company was lax on its security and privacy.More
Story image
Video: 10 Minute IT Jams – A glimpse inside a ransomware cell
This is our second IT Jam with SonicWall senior manager of product marketing Brook Chelmo, and in this video Brook walks us through his one-on-one experience with a member of a ransomware cell. More