The Nemucod trojan is on the rise and being used to spread Teslacrypt ransomware via phishing campaigns, although the silver lining is not as many people are being victimized this time around.
Josep Albors, ESET Spain communications & lab director, at WeLiveSecurity blogged that a huge spike in the use of the Nemucod Trojan was detected during the previous week, on average a 10 percent uptick worldwide with some countries receiving double or triple the number of attacks. The attackers use email to deliver a ZIP container housing a Javascript file that downloads Teslacrypt.
“The fact that the numbers of affected users has not been as high as previous ransomware campaigns despite the elevated number of detections is good news. It means that the users are using protection measures capable of detecting new threats and it can also mean that they are not executing suspicious files attached to emails,” Albors wrote.
