Irish Vodafone customers need to be incredibly wary of downloading this virus 6 years ago

Irish Vodafone customers need to be incredibly wary of downloading this virus

Keep a firm eye out for this.

Eset has admitted on their blog that a new email scam is going around, tricking Vodafone customers into downloading a malicious ransomware called 'Nemucod trojan'.


Vodafone customers are fooled into downloading this hidden ransomware by clicking a button that asks them to view their supposed 'phone bill'.

Ireland has a hard time tackling Nemucod and Eset has found that there is a 50% detection rate in the country compared to the global average of 15%.

Customers receive an email claiming to be from Vodafone and attached will be the user's phone bill for a period of time.

As normal, the user will tap on the link which says 'click here to view your bill' and by doing so will download a ZIP file called 'Vodafone,' which also contains a JavaScript file called ‘Vodafone bill.js’.


The JavaScript file, however, carries the ransomware and before you know it, it will be downloaded on your device.

Speaking on the blog, Urban Schrott and Ciaran McHale issued a fierce warning about the brutal bug that's trying to hack the network's customers.

“The code is heavily obfuscated, but once activated, it proceeds to download the Nemucod trojan, which is used for further downloading all kinds of malware, ranging from ransomware to back doors and banking trojans.

"Eset Ireland urges caution when receiving emails like these and avoiding clicking on unverified links or opening attachments downloaded from them,” they concluded.


Vodafone has various online security tips on their website, which can help people from falling victim to any false bills or any unnormal cyber activity.