Name of Malware: Nymaim

Type of Malware: Downloader

Affected Operating Systems: Windows

Affected Device Types: PCs, laptops

Impact: high

What is Nymaim?

Nymaim is a malware downloader.

Malware downloaders download other malware and then run it on the infected system. In the case of Nymaim, the malware downloaded may include the banking trojans Citadel and URLZone/Bebloh. Nymaim can also be expanded with additional functions using plug-ins. One of these plug-ins is designed to capture access data for e-mail accounts and FTP programs and pass this information to the operator of the malware.

How did I get infected with Nymaim?

One potential route of infection is via spam e-mail. The cyber criminals send Nymaim by e-mail, disguised as an invoice. Often, these invoices are packaged as executable files in ZIP archives. Other potential sources of infection include websites that are primed to exploit security vulnerabilities in your browser; the malware could also have been downloaded by another piece of malware that was already on your system at that time.

What do I have to do now?

Do not carry out any further sensitive transactions on your computer. There may be other malware on your system besides Nymaim. Use anti-virus software to perform a full scan of your system. If necessary, use an antivirus live CD to remove Nymaim. If you still have concerns about whether the infection has been effectively removed, you should reset the device and reinstall the operating system. Back up your personal data before wiping the system. Once your system has been reset, change all your passwords, as the perpetrators may have been able to access them.