Beware Of NemucodAES And Kovter Malware

By ISBuzz Team
Writer, Information Security Buzz | Jul 20, 2017 09:50 am PST

With the news that two malware families, NemucodAES and Kovter, are being packaged together in .zip attachments and delivered via active spam, AlienVault Security Researcher Chris Doman has given advice on how to protect against them.

Chris Doman, Security Researcher at AlienVault:

“The best advice with ransomware is to always maintain regular backups that ransomware can’t touch. In the case of NemucodAES, Emsisoft recently published a decrypter for some versions.

“Criminals often pair two different malware families together in the hope that anti-virus software may detect one but not the other.

“Previously, we’ve seen the Locky ransomware distributed with Kovter – now it seems Kovter and NemucodAES are coming across as a pair.

“Both Kovter and Nemucod are normally easy to detect, though NemucodAES’s dependence on malicious scripts, rather than compiled code, can make it harder to detect in some circumstances.”