Several Trojans hide behind the name Nemucod, that were developed in JavaScript and whose goal is to download even more malware, specially ransomware.
Nemucod is distributed through e-mail messages containing attached zipped files. Those e-mails are written in a pleasant manner that inspires trust, usually they pose as receipts, legal or official documents. All the cyber-criminals doing this want is that users open the attached files that will have a JavaScript sequence. Once the file is open, it will download and install some other malware into the victims computers.
Up until today, Nemucod mostly downloads ransomware like TeslaCrypt or Locky. Those programs will encrypt all files on the victim’s computer to ask afterwards for a ransom to give them back.
How can we protect ourselves from Nemucod?
- Never opening attached files in e-mails whose sender we don’t know.
- Performing regular backups from our computers. In case of infection this will help us recover our files. External hard drives and any other kind of external storage devices must not be kept permanently branched to the computer to avoid encrypting infections.
- Regularly updating our system and all software installed on it. If you’re still using Windows XP, it’s time you move on to another Windows version that has support and updates available.
- All updates for your security software must be installed, and make sure to have always the latest version.
You’ll find below a guide to help you remove Nemucod if it is hidden on your computer.
View full solution