Cyber security firm ESET is warning people against a wave of infected emails after discovering an unusual high record of a malicious downloader called Nemucod in several countries, including New Zealand and Australia.
Since March 11, there was a rapid increase in the number of infected emails containing a malicious attachment, which downloads and installs ransomware onto an infected device. When opened, it encrypts victims’ files on their PCs and requires a ransom for decryption.
According to ESET, Nemucod is spread via emails, which contain attached zipped files. Emails are written in a very trustworthy way, claiming to be invoices, notices of appearance in court or other official documents.
“Nemucod currently downloads mainly ransomware, for example TeslaCrypt or Locky. These encrypt the data on the victim’s computer and demand ransom,” says Peter Staník, security evangelist at ESET.
Both TeslaCrypt and Locky ransomware use encryption standards similar to those used by financial institutions when securing online payments, Stanki says.
In New Zealand, the Nemucod malware accounted for 40% of all malware detected by ESET protection systems.
In Australia, the Nemucod malware accounted for 33% of all malware detected by ESET protection systems.
How to protect against this threat: