Also known as: Nemty Project
Category: Malware
Type: Ransomware
Platform: Windows
Variants: Nemty 1.4, 1.5, and 1.6
Damage potential: File encryption, data loss, ransom demands, system performance issues
Overview
Nemty, or Nemty Project, is a type of malware that attackers use to encrypt a victim’s files. After encryption, they leave a note on the victim’s device, asking for a payment in cryptocurrency to unlock those files.
Nemty was first spotted in 2019, and researchers think it might be related to the GandCrab ransomware family because of similarities in their code and behavior. Nemty operates on a ransomware-as-a-service model and is regularly updated by its creators.
Possible symptoms
The most obvious signs of a Nemty infection are inaccessible files, a ".NEMTY_” extension added to file names, and a ransom note detailing how to contact attackers for payment. Additionally, you might notice:
- System performance issues, such as frequent crashes and slowdowns.
- Unexpectedly high data usage or network traffic.
- Unusual disk activity.
- Suspicious network connections.
- Login failures.
Sources of infection
Cybercriminals use phishing campaigns, freeware websites, peer-to-peer networks, malicious ads and websites, fake software updates, exposed Remote Desktop Protocols (RDP), and exploit kits to distribute this ransomware.
Protection
Good cybersecurity practices will help you steer clear of ransomware.
- Avoid downloading files or software from unofficial sources.
- Be careful with email attachments, especially from unknown senders. Do not open suspicious links, media, or documents.
- Use NordVPN to secure your online traffic.
- Scan your newly downloaded files for viruses and block malicious websites with NordVPN’s Threat Protection Pro feature.
- Make sure your operating system and software are updated.
- Install a reputable antivirus solution.
- Regularly back up important data.
Removal
You can use a reliable decryptor tool to get rid of Nemty ransomware. If you can’t perform the removal yourself or don’t have a clean backup to restore files from, get help from an IT specialist.