ShurL0ckr ransomware gets past Microsoft and Google to infect cloud
BitGlass and Cylance have found some new ransomware called Shurl0cker that managed to fool both Google and Microsoft’s scans to arrive on their customers cloud storage.
According to the researchers:
“Two well-known cloud platforms with built-in malware protection, Google Drive and Microsoft Office 365, failed to identify the ransomware. In addition, Bitglass tested VirusTotal, a service that scans malware against 67 of the leading malware engines, to scrutinize a file containing the ShurL0ckr ransomware. Only seven percent of tested AV engines successfully detected the new malware “
ShurL0ckr is a variation on the existing Gojdue ransomware so it didn’t take long for Microsoft, Google and other anti-virus makers to catch up.
The ransomware will encrypt key files including Office documents making them unavailable to you. Paying the ransom may, or may not, get your files back.
It’s a real example of why you can’t 100% trust any anti-virus scans either on the cloud or on your computer. Always be wary of new files and documents regardless of the source.