Home » Security » ESET Advises Nigerian Companies on ‘Jaff / WannaCryptor’ Ransomware
account takeovers scams , phishing malware
Cyber Attack Crime

ESET Advises Nigerian Companies on ‘Jaff / WannaCryptor’ Ransomware


For any suspicious emails, ESET strongly advised “Do not open”, indicating the Company is aware of several ransomware outbreaks that stem from malicious emails that can be used to introduce threats to your system.

ESET identifies these threats as Filecoder.WannaCryptor and Filecoder.NLI (Jaff), and ESET detects and blocks these threats and their variants and advised readers to visit http://support.eset.com/kb59351/ for a list of best practices to stop these threats.

“There were reports from our offices across Europe on how fast the spread is and major hospitals, ISPs and Telecommunication companies have already fell victim of the attack. The malicious email campaign stems from the Necurs botnet and spreads the new ransomware at the rate of more than 5 million emails per hour and hitting computers across the globe,” Mr. Olufemi Ake, country manager, ESET Nigeria said in an email to journalists on Sunday.

“Typically, once the victim is infected, their files are encrypted. Unlike the traditional ransomware which leaves a note of the amount required for payment, Jaff Filecoder would advise the victim to visit a payment portal via a Tor site to decrypt their valuable files, said Mr Ake.

ESET products can detect and block this malware.

As an existing ESET client, the Company strongly recommend that you follow the suggestions below to ensure the highest level of security on your computer:

Make sure that ESET Live Grid is enabled in your ESET product.

Make sure that your ESET software is upgraded to the latest version and has the latest Virus Signature Database updates.

READ ALSO  Justice For the Victims: Anonymous attacks Nigerian police, gives President Buhari 72 hours

Do not open attachments sent to you in emails from unknown senders. We also recommend that you avoid opening unsolicited email attachments from someone you know and trust.

Warn colleagues who frequently receive emails from external sources – for instance financial departments or Human Resources.

Regularly back up your data. In the event of infection, this will help you recover all data. Do not leave external storage used for backups connected to your computer to eliminate the risk of infecting your backups. If your system requires Windows Updates to receive the patch for this exploit, create new backups after applying the patch.

Disable or restrict Remote Desktop Protocol (RDP) access (see Remote Desktop Protocol best practices against attacks).

Disable macros in Microsoft Office.

If you are using Windows XP, disable SMBv1.

Leave a Reply

Your email address will not be published. Required fields are marked *



Check Also

scams phishing malware

Scams, phishing and malware : 60% of emails in May and June were fraudulent

Scams , phishing, and malware : ...

account takeovers 61 percent

61 percent of companies experience insider attacks

A new survey from Bitglass reveals that 61 ...

access bank

Access Bank denies hacker Ihebuzo Chris exposes 2000 customers’ data

Access Bank Plc  says it is ...

office 365 attack

Office 365: New phishing attack tries to steal credentials via Box

Office 365 new phishing attack: Researchers ...

UNILAG postgraduate student charged for allegedly defrauding Konga

UNILAG postgraduatestudent, Aniekan Charles Ekong has ...