Blackmail software ShurL0ckr found in Google Drive and Microsoft Office 365

ShurL0ckr Malware


Security researchers have found a new strain of the Gojdue ransomware, named ShurL0ckr. The ransomware went undetected by two major cloud platforms, Google Drive and Microsoft Office 365. Besides these two, the Skype and Telegram apps could not detect the new ransomware either. ShurL0ckr is supplied as “Ransomware-as-a-Service” (RaaS) on the Dark Web. Cylance, an American security software company, has discovered that it has also targeted desktop communication apps like Skype and Telegram. So far, ShurL0ckr has been detectable by only a few anti-virus products, and it somehow got through both Google Drive's built-in malware protection and Microsoft Office 365’s blockade. Because most cloud service providers do not supply advanced malware detection and protection services, the ShurL0ckr developers have picked these services as an attack vector. This is also why they have managed to infect corporate users on a massive scale.

ShurL0ckr first breaks through the protection of the user’s computer and infects the files on it. When the infected files are uploaded to the cloud, the ransomware passes through the cloud application's protection mechanism. It can then be downloaded to another device, expanding the scope of the infected files. The ransomware encrypts the files uploaded to the cloud and drums up a subscription fee from the subscribers. The hackers share the blackmail profit with the service providers.

50% of ShurL0ckr was detected by VirusTotal software. Bitglass investigated this matter in January, and through VirusTotal they discovered that VirusTotal could detect only 7% of the ransomware; most of the time, it broke through the blockades of Google Drive and Microsoft Office 365. A regular company stores on average 450,000 files in the cloud, of which 20,000th file is infected with malware.

Via: iThome