Nemucod serves nasty package: Combining ransomware and ad-clickers

Nemucod, previously one of the worst infecting malware types in Ireland is causing mayhem again. Just last week ESET reported on Nemucod shifting away from ransomware and downloading the ad-clicking malware Kovter instead. Now, it seems that the operators of the notorious downloader went a step further and are serving their victims the whole package … More Nemucod serves nasty package: Combining ransomware and ad-clickers

Nemucod now spreading banking trojans

ESET researchers noticed a huge outbreak of a new Spy.Banker variant, detected as Spy.Banker.ADEA. Nemucod has previously been one of the most detected malwares in Ireland. On the morning of Friday August 12th, at around 12pm CET this new variant was spotted in Brazil. Similar to previous ones used by other banking trojans in South America, … More Nemucod now spreading banking trojans

Nemucod is back and serving an ad-clicking backdoor instead of ransomware

Nemucod, the Trojan that affected Ireland worst in 2016 is back with a new campaign. Instead of serving its victims ransomware, it delivers an ad-clicking backdoor Trojan detected by ESET as Win32/Kovter. As a backdoor, this trojan allows the attacker to control the machine remotely without the victim’s consent or knowledge. The currently used variant … More Nemucod is back and serving an ad-clicking backdoor instead of ransomware

Beyond TeslaCrypt: Crysis, a new ransomware family lays claim to parts of its territory

It has been two weeks since ESET created a TeslaCrypt decryptor, which allows victims of the ransomware to get their files back. This came on the back of its developers ceasing operations. Since then, over 32,000 users around the globe have taken advantage of this opportunity and downloaded the tool. But even with TeslaCrypt abandoning its territory, … More Beyond TeslaCrypt: Crysis, a new ransomware family lays claim to parts of its territory

Trojan Downloaders on the rise: Don’t let Locky or TeslaCrypt ruin your day

Weeks after it started attacking and encrypting victims’ files, Locky is still targeting many users. In order to provide more information about this threat, we have put together some information to help protect you in a better way. Short summary Win32/Filecoder.Locky.A is a ransomware variant that encrypts files with over 100 file types such as images, videos, databases, … More Trojan Downloaders on the rise: Don’t let Locky or TeslaCrypt ruin your day