Search This Blog

Friday, June 17, 2016

Nemucod ups its game

Some time ago, we detailed how the Locky ransomware infection process works. Since then, the creators of the Nemucod “downloader” (the code responsible for downloading and executing malware like Locky) have been hard at work polishing their code.
One of the latest versions of Nemucod shows some notable changes over the older versions. In the past, the process was pretty simple: “User opens malicious file → File downloads payload → payload gets executed”. In the more recent versions however, it’s somewhat less straightforward.


Nemucod ups its game

No comments:

Post a Comment

Note: Only a member of this blog may post a comment.