A new version of the Virlock Ransomware has started to infect a lot of computers and this it’s more aggressive than ever.
The New Version of the Virlock Ransomware Is Extremely Dangerous
A new dangerous version of the Virlock ransomware has been discovered. The new iteration of the malware has the capability to infect every file it accesses. The virus is a special type of ransomware that not only encrypts the victim files but also infects them. Researchers call this polymoprhic file infector ransomware. This means that any user who opens an infected file with Virlock will be infected with the threat.
The distribution of the infected binaries can cause a lot of damage if they land on a large network or a cloud service. The files, therefore, contain both malware code, embedded clean code, and the special polymorphic code. When an infected file is passed on to another user or host, and it is executed, the entire replication, encryption and infection process is started on the victim machine.
Several tips are given to system administrators to help protect their enterprise networks from Virlock attacks:
- System administrators should perform regular back ups of critical and sensitive information on trusted cloud storage platforms and offline managed devices
- All Windows-computers should be set up so that the full file extensions are visible
- IT staff should provide all company employees with the best security practices, especially educating them about how untrusted files should be handled
- All networks should use good security solutions such as firewalls and anti-virus products that are regularly updated and supported