Malware Alert: VIRLOCK Encrypts Your Files and Holds Your Computer for Ransom

In the malware family you’ve got more than your share of destructive “wares” — one of them being ransomware. Ransomware is defined as “a type of malware which restricts access to the computer system it infects and demands a ransom to be paid to the creator of the malware in order for the restriction to be removed.” VIRLOCK is just one type of ransomware — there are many variants.

Probably the most destructive ransomware known to exist was called CryptoLocker, a ransomware trojan that infected computers running Microsoft Windows in September of 2013. Before it could be contained in May of 2014, it was said that CryptoLocker creators had extorted around $3 million from victims. Since that time, there have been many CryptoLocker copycats on the scene — VIRLOCK is one of the latest.


Once PE  VIRLOCK, has infected your computer system, it begins to modify and create registry entries to prevent detection. Once executed, your computer screen typically locks, your files become infected and a ransom is demanded in exchange for the code to decrypt your files. In fact, this VIRLOCK is so sophisticated, that it actually checks your location before displaying a personalized ransom message.

“At that point, your options are to restore from backup, pay the ransom or accept the loss,” explains Bryan Levy, vClient Advisor at UDT. “In one instance, we actually contacted the FBI and they said there was nothing they could do.”

One thing that makes VIRLOCK different from other types of ransomware is that once it gets into a computer or a system network, it triggers an infectious chain. Even if the affected files are stored on a removeable drive, VIRLOCK can easily invade a computer once connected.


While some protection is better than no protection, the more layers you have, the better. “You want to put the proper processes in place and the education to prevent it — that’s really the best course of action,” says Levy. However, Levy also warns that some preventative technology can affect the performance of your network.

Here are a few things you can do now to help prevent an attack:

  1. Use email filtering, anti-virus software and intrusion protection
  2. Be weary of removable drives — if you don’t know what kind of files have been stored on it, don’t connect it
  3. Train your staff to avoid suspicious websites, emails and links


Often it’s your company’s backup strategy that determines whether or not you’ll fully recover from a ransomware attack. If you backed up your data before the attack, you may be able to recover most of your data. But if you perform a backup after your files were encrypted, VIRLOCK could also affect files stored in backup. “We had a customer who had a virus like this and their entire file server got corrupted,” said Levy. “We had to do a restore from 24 hours before, because at that point, the server hadn’t been backed up yet. It took us 24-36 hours to recover all of the data.”


VIRLOCK is definitely one destructive technology you’ll want to avoid. If you’re concerned that your company’s network could be at risk, contact UDT. We’d be happy to take a look at your current protection strategy as well as your current backup plan and suggest preventative measures that make sense for your business and your budget.

Accomplish More With UDT

Get your custom solution in cybersecurity, lifecycle management, digital transformation and managed IT services. Connect with our team today.

More to explore

The Cloud Advantage: 4 Ways Cloud Solutions Are Transforming Organizations (with Case Studies) 

By embracing cloud solutions, businesses can harness a level of flexibility, innovation, and collaboration that propels them forward, providing a decisive edge over competitors. This is called the “Cloud Advantage.”

Reliable Data Centers Have These 3 Things In Common (with Strategies for Optimizing Efficiency)

Data centers ensure that businesses have robust data storage and management capabilities to access, organize, and safeguard their wealth of information. Discover the key qualities that make your data center reliable.

The Benefits and Risks of Using AI at Your Business—How To Leverage AI Responsibly

AI is an alluring tool for business, but it comes with risks. Explore the pros and cons of using AI, including how to mitigate the potential vulnerabilities associated with this technology.

Ransomware Attacks on K12 Education are Spiking (Again)—Here’s How To Keep Your School District Safe

When it comes to cybersecurity, the last few years have been rough for Education. Hear expert insights on the top ransomware attacks facing K12 and Higher Ed—and how to avoid being the next victim.

October is Cybersecurity Awareness Month—Here Are 4 Actionable Strategies to Boost Your Data Security Right Now 

To help organizations stay ahead of evolving risks, sophisticated attack vectors, and the latest data security threats, UDT’s Mike Sanchez, CISO & SVP of Cybersecurity Solutions, has compiled the following risk management best practices for improving your organization’s security posture.

How To Select Your E-Rate Service Provider—An 8-Step Roadmap

To help you make an informed choice, we’ve developed a clear, 8-step roadmap to assist you in selecting the ideal E-Rate service provider for your unique situation.

Experiencing a security breach?

Get immediate assistance from our security operations center! Take the following recommended actions NOW while we get on the case:


  1. Determine which systems were impacted and immediately isolate them. Take the network offline at the switch level or physically unplug the systems from the wired or wireless network.
  2. Immediately take backups offline to preserve them. Scan backups with anti-virus and malware tools to ensure they’re not infected
  3. Initiate an immediate password reset on affected user accounts with new passwords that are no less than 14 characters in length. Do this for Senior Management accounts as well.

Just one more step

Please fill out the following form,