Jump to content

Recommended Posts

Posted (edited)

Be as descriptive as possible in your postings. None on the forum are "mind readers."

Appears you are referring to one of the most recent STOP ransomware variants. As such, this is not "new" malware:

Quote

The Nesa ransomware is distributed via spam email containing infected attachments or by exploiting vulnerabilities in the operating system and installed software.

Cyber-criminals spam out an email, with forged header information, tricking you into believing that it is from a shipping company like DHL or FedEx. The email tells you that they tried to deliver a package to you, but failed for some reason. Sometimes the emails claim to be notifications of a shipment you have made. Either way, you can’t resist being curious as to what the email is referring to – and open the attached file (or click on a link embedded inside the email). And with that, your computer is infected with the Nesa ransomware.

Nesa ransomware was also observed attacking victims by hacking open Remote Desktop Services (RDP) ports. The attackers scan for the systems running RDP (TCP port 3389) and then attempt to brute force the password for the systems.

https://malwaretips.com/blogs/remove-nesa/

As noted in the malwaretips.com article, there is presently no decrypter available for this STOP ransomware variant.

Are you stating that Eset failed to detect this variant?

Edited by itman

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Sign in to follow this  

  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...