HomeWinBuzzer NewsMicrosoft Outlook Targeted by Virobot New Ransomware Attack

Microsoft Outlook Targeted by Virobot New Ransomware Attack

Microsoft Outlook is the client of choice for the Virobot ransomware, a botnet-based attack that is not related to other ransomware families.

-

's Outlook email client is being used for a new that is being spread to unsuspecting users. TrendLabs discovered the attack and has now disclosed it. Called Virobot, the ransomware also has integrated botnet abilities.

Trendlabs says the ransomware is currently being sent through spam emails on . With botnet capabilities, the researchers say Virobot has the ability to quickly infiltrate machines through a successful email attack.

If it is activated by an unwitting user, the Virobot infection are distributed across a contact list in Microsoft Outlook. This is an effective and rapid distribution technique that makes this ransomware potentially dangerous.

As with most ransomware attacks, Virobot relies on the user making the mistake of actively downloading its. If that happens, it can infect a target machine, take control of systems of all aspects and then demand a ransom for unlocking.

Aside from its ransom techniques, the botnet attack also features a keylogger. This means the bad actor can observe keystrokes on an infected machine and steal user data.

Trendlabs says the attack is not associated with any other ransomware type:

“Virobot was first observed in the wild on September 17, 2018, seven days after we analyzed a ransomware variant that imitates the notorious Locky ransomware. Once Virobot is downloaded to a machine, it will check the presence of registry keys (machine GUID and product key) to determine if the system should be encrypted. The ransomware then generates an encryption and decryption key via a cryptographic Random Number Generator. Together with the generated key, Virobot will then send the machine-gathered data to its C&C server via POST.”

Prevention

As usual, the best mitigation is to avoid opening emails that are either from an unknown or untrusted source. Furthermore, avoid opening or downloading any attachments if you are unsure of the origin.

While this advice is sound for all emails, it is specifically important for Microsoft Outlook if you want to avoid Virobot.

SourceTrendLabs
Luke Jones
Luke Jones
Luke has been writing about all things tech for more than five years. He is following Microsoft closely to bring you the latest news about Windows, Office, Azure, Skype, HoloLens and all the rest of their products.

Recent News