Windows Warning: Nodersok Virus (AKA Divergent)
A new strain of malware has infected thousands of computers globally, enabling infected system to be used to spread malicious traffic and also to perform click-fraud. The malware, which both Microsoft and Cisco have highlighted in reports, delivers a rare NodeJS-based malware, distributed via malicious adverts on sites, which then forcibly download files onto users' computers. Microsoft has identified and named the malware "Nodersok", meanwhile Cicso have dubbed the same malware as "Divergent".
The majority of installations have happened in the last month on EU and US based machines.
So what's the advice?
- Watch out for internet downloads and remove any that you don't know. The system automatically downloads via HTML applications and clicking on unknown files is a risk. What's more, only download and execute what you actually need, and make sure you are hygienic in your processes and only download from trusted sources.
- Ensure your Windows Defender is up to date. Windows has already spotted the issue and says that the files leave a noticeable footprint if you know what you are looking for. The programme should therefore be able to spot any installations on your machine.
- Always make sure your antivirus is up to date and is from a reputable company. The footprint of the virus has been shared and security firms are releasing patches and updates to protect PCs.
- Avoid clicking on banner adverts, particularly from unfamiliar websites. If you're really interested in the advert, go direct to the website and not via the banner advert to protect from unwanted files.