Home > Ransomware > Virlock Ransoware Leverages the Cloud to Infect More Users

Virlock Ransoware Leverages the Cloud to Infect More Users


Virlock ransomware has apparently been updated and is now capable of propagating itself via the cloud. Hence, the ransomware can be spread negligently from one infected to another, eventually file-locking an entire network.

This update seen in the code of Virlock is just one small fracture of the ransomware scene at the moment. Ransomware is constantly being improved and made more effective.

Virlock in particular has been active for approximately two years but researchers recently discovered that the threat can spread itself through the employment of cloud sync, cloud storage and collaboration apps.

How Does the Updated Virlock Work?

Researchers explain that if two users are collaborating on a folder, they would have some files and the folder itself synced on their machines. If one of the users is attacked by Virlock and has his files encrypted, this would also include the files synced with the other user.

If the second user clicks on any of the files in the shared folder, the infected file would be executed and would infect all other files on the system.

Virlock, like in most ransomware cases, demands a payment in Bitcoin. In addition, the ransomware claims to be anti-piracy warning from the FBI in relation to pirated software founded on the targeted system. The victim is also threatened with prison and a fine of $250,000 unless the ransom is paid.

Protection Tips against Virlock and Other Malware

The best action against ransomware infections is regularly backing up your data. A cloud account used for backups should also be regularly scanned for malware.

Find some additional tips against ransomware in our forum.

Also follow these tips to increase your security against malware attacks of all types:

  • Try downloading an external firewall that will block any other applications.
  • Revise the administrative access of some programs and make sure third-party apps are not allowed through Windows Firewall.
  • Use stronger passwords. Make sure that your passwords contain uppercase, lowercase letters, nubmbers and if possible symbols and spaces.
  • Disable AutoPlay. Turning off this feature makes your PC safer agains flash drives or other devices with malware entering phisically via your USB port.
  • Always set a newtork you connect to as a Public network. This disables file sharing. You can also disable it manually by typing Advance Sharing Options in your Windows search and turning off file sharing from the option for that.
  • Disable any remote service programs. Any software that may grant remote service to your computer in various ways is a potential risk to all the computers using the software in the network. You should switch off Remote Access and look for another solution. One way is to remotely connect online using a cloud browser(Maxton, for example) and a remote desktop service (LogMeIn for example).
  • Look for suspicious processes in Windows Task Manager that are by programs that are not running. Remove those programs from the Windows Programs and Features menu.
  • Always update your operating system.
  • Make sure you set your mail server to block out all spam and spoof messages. A good tip is to have mail software like Outlook and Mozilla Thunderbird. They have such filters embedded in them as features.
  • Make sure to isolate all computers in your network that are infected by viruses, because if the virus is a downloader or a worm it may spread throughout the network.
  • Provide relevant education to your employees on external information sharing and security practices.
  • Add a site and file scanning extension to your browser. It increases the safety of online browsing significantly.
  • Turn off any non-essential services and devices such as Bluetooth, for example.
  • Install an anti-malware software on your computer. Most anti-malware programs feature active protectiton against viruses and they also are good in combination with antivirus software. For maximum protection use both.


Malware Removal Tool

Spy Hunter scanner will only detect the threat. If you want the threat to be automatically removed, you need to purchase the full version of the anti-malware tool.Find Out More About SpyHunter Anti-Malware Tool / How to Uninstall SpyHunter

Milena Dimitrova

An inspired writer and content manager who has been with SensorsTechForum since the project started. A professional with 10+ years of experience in creating engaging content. Focused on user privacy and malware development, she strongly believes in a world where cybersecurity plays a central role. If common sense makes no sense, she will be there to take notes. Those notes may later turn into articles! Follow Milena @Milenyim

More Posts

Follow Me:

Leave a Comment

Your email address will not be published.

Share on Facebook Share
Share on Twitter Tweet
Share on Google Plus Share
Share on Linkedin Share
Share on Digg Share
Share on Reddit Share
Share on Stumbleupon Share