nemucod


Everyone has heard how ransomware shut down the networks of several large healthcare providers this past year. To get their systems unlocked, these organizations paid huge ransoms to cybercriminals. Healthcare networks are notoriously vulnerable, and have been tagged by the media and security professionals as the preferred target for these sorts of attacks.That may be about to change. Fortinet research conducted over the past several months shows that manufacturing is likely to be the next industry specifically targeted by ransomware. In our latest... [Read More]
by RSS Bill McGee  |  Jun 06, 2016  |  Filed in: Industry Trends & News
It came to our attention that a new, rather peculiar version of Nemucod has been recently landing on users. Nemucod is a well-known JavaScript malware family that arrives via spam email and downloads additional malware to PCs. Most recently, Nemucod has been known to download TeslaCrypt ransomware variants. However, the last few weeks saw a shift in Nemucod variants--it now has a code to drop ransomware from its body. The sample arrives via a typical Nemucod spam with encrypted JavaScript attachment.  Upon decrypting the JavaScript, we... [Read More]
by RSS Roland Dela Paz  |  Mar 16, 2016  |  Filed in: Security Research