Nemucod’s Fishy Ransomware Claims

Roland Dela Paz describes for Fortinet how Nemucod, much spammed malware already well-known for downloading malware including (recently) Teslacrypt, now has the ability to drop ransomware directly (i.e. from its own body) including the ransom note and a batch file to initiate the encryption.

Nemucod Adds Ransomware Routine

The good news is that the ransomware isn’t as effective as the ransom note tries to persuade the victims: not yet, anyway. It’s not the case that ‘Nobody can help you but us.’ That doesn’t mean this will always be the case, though.

Dela Paz notes some resemblance between this ransomware and KeyBTC but notes that it can’t be confirmed at present that there is a direct relationship.

David Harley




Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.