Malware Alert: VIRLOCK Encrypts Your Files and Holds Your Computer for Ransom

In the malware family you’ve got more than your share of destructive “wares” — one of them being ransomware. Ransomware is defined as “a type of malware which restricts access to the computer system it infects and demands a ransom to be paid to the creator of the malware in order for the restriction to be removed.” VIRLOCK is just one type of ransomware — there are many variants.

Probably the most destructive ransomware known to exist was called CryptoLocker, a ransomware trojan that infected computers running Microsoft Windows in September of 2013. Before it could be contained in May of 2014, it was said that CryptoLocker creators had extorted around $3 million from victims. Since that time, there have been many CryptoLocker copycats on the scene — VIRLOCK is one of the latest.

VIRLOCK’S PATH OF DESTRUCTION

Once PE VIRLOCK, has infected your computer system, it begins to modify and create registry entries to prevent detection. Once executed, your computer screen typically locks, your files become infected and a ransom is demanded in exchange for the code to decrypt your files. In fact, this VIRLOCK is so sophisticated, that it actually checks your location before displaying a personalized ransom message.

“At that point, your options are to restore from backup, pay the ransom or accept the loss,” explains Bryan Levy, vClient Advisor at UDT. “In one instance, we actually contacted the FBI and they said there was nothing they could do.”

One thing that makes VIRLOCK different from other types of ransomware is that once it gets into a computer or a system network, it triggers an infectious chain. Even if the affected files are stored on a removeable drive, VIRLOCK can easily invade a computer once connected.

PREVENTION TACTICS

While some protection is better than no protection, the more layers you have, the better. “You want to put the proper processes in place and the education to prevent it — that’s really the best course of action,” says Levy. However, Levy also warns that some preventative technology can affect the performance of your network.

Here are a few things you can do now to help prevent an attack:

Use email filtering, anti-virus software and intrusion protection
Be weary of removable drives — if you don’t know what kind of files have been stored on it, don’t connect it
Train your staff to avoid suspicious websites, emails and links

BACKUP PLANS

Often it’s your company’s backup strategy that determines whether or not you’ll fully recover from a ransomware attack. If you backed up your data before the attack, you may be able to recover most of your data. But if you perform a backup after your files were encrypted, VIRLOCK could also affect files stored in backup. “We had a customer who had a virus like this and their entire file server got corrupted,” said Levy. “We had to do a restore from 24 hours before, because at that point, the server hadn’t been backed up yet. It took us 24-36 hours to recover all of the data.”

ANOTHER LINE OF DEFENSE

VIRLOCK is definitely one destructive technology you’ll want to avoid. If you’re concerned that your company’s network could be at risk, contact UDT. We’d be happy to take a look at your current protection strategy as well as your current backup plan and suggest preventative measures that make sense for your business and your budget.

Accomplish More With UDT

Get your custom solution in cybersecurity, lifecycle management, digital transformation and managed IT services. Connect with our team today.

More to explore

K12 Budgeting: Planning Your 1:1 Device Refresh Program Cost

As K12 education evolves, managing 1:1 device programs effectively is crucial. These programs, providing each student with a personal computing device, play a pivotal role in modern education. Success demands strategic planning, communication, foresight, and a holistic approach to device management. With digital learning on the rise, these devices are more than just tools for accessing information; they are platforms for interactive, core learning experiences. However, funding remains a significant hurdle, making effective budgeting for your device refresh program essential for optimizing ROI and device longevity.

Crafting a Futureproof 1:1 Device Strategy for School Districts

In the evolving landscape of Education Technology, crafting a futureproof 1:1 device strategy is crucial. This strategy should link every student, teacher, and administrator experience with specific device specifications. The integration of educational apps into the curriculum can significantly enhance the learning environment. These apps, tailored to the needs of students, can provide interactive content, fostering a dynamic learning experience.

Optimizing Your K12 Tech Investments: Funding 1:1 Device Programs

This blog will guide school districts grappling with the financial and resource demands of implementing a successful 1:1 device program amid ongoing challenges of budget constraints and competing priorities. Our guided workbook, created in partnership with Intel, provides further support with personalized roadmap on “Pathways to Innovation: Building a Sustainable Digital Learning Environment”.

K12 Cybersecurity: How to Secure 1:1 Devices in Your School District

This blog post delves into the importance of security, cybersecurity, and data privacy in school districts implementing 1:1 device initiatives. It offers basic steps for evaluating, planning, and executing a security strategy. Our guided workbook, created in partnership with Intel, provides a personalized roadmap on “Pathways to Innovation: Building a Sustainable Digital Learning Environment”.

Lost & Stolen Devices are a Serious Data Security Threat—Here’s Why

Since the pandemic, remote and hybrid work has become the norm. While mobile devices and remote workstations have empowered great flexibility, it has also led to an increase in data security problems due to lost, misplaced, or stolen devices. Find out how remote and hybrid setups are contributing to this problem and how to protect yourself and your organization.

Ransomware Gangs Adding Pressure with ‘Swatting’ Attacks—Here’s What You Need to Know

Ransomware gangs are implementing new extortion tactics to encourage victims to pay up. Swatting is becoming an increasingly popular tactic. It involves calling law enforcement to falsely report a serious, in-progress crime triggering an extreme response such as an armed raid from the SWAT team. Explore how cybercriminals are using this tactic and what you can do to prevent it from happening to you.