Win32/Virlock: First Self-Reproducing Ransomware is also a Shape Shifter
Jump to navigation
Jump to search
(Publication) Google search: [1]
| Win32/Virlock: First Self-Reproducing Ransomware is also a Shape Shifter | |
|---|---|
| Botnet | VirLock |
| Malware | |
| Botnet/malware group | |
| Exploit kits | |
| Services | |
| Feature | |
| Distribution vector | |
| Target | |
| Origin | |
| Campaign | |
| Operation/Working group | |
| Vulnerability | |
| CCProtocol | |
| Date | 2014 / 2014-12-22 |
| Editor/Conference | ESET Welivesecurity |
| Link | http://www.welivesecurity.com/2014/12/22/win32virlock-first-self-reproducing-ransomware-also-shape-shifter/ (Archive copy) |
| Author | Robert Lipovsky |
| Type | Blogpost |
Abstract
“ Win32/VirLock is ransomware that locks victims’ screens but also acts as parasitic virus, infecting existing files on their computers. The virus is also polymorphic, which makes it an interesting piece of malware to analyze. This is the first time such combination of malware features has been observed.
NOTE: Victims can restore their VirLock-infected files using our standalone cleaner, available for download at http://download.eset.com/special/ESETVirlockCleaner.exe
Bibtex
@misc{Lua error: Cannot create process: proc_open(/dev/null): failed to open stream: Operation not permitted2014BFR379,
editor = {ESET Welivesecurity},
author = {Robert Lipovsky},
title = {Win32/Virlock: First Self-Reproducing Ransomware is also a Shape Shifter},
date = {22},
month = Dec,
year = {2014},
howpublished = {\url{http://www.welivesecurity.com/2014/12/22/win32virlock-first-self-reproducing-ransomware-also-shape-shifter/}},
}