close
magnifying glass
Get Started
magnifying glass
chevron
Support Language
close
""
The AI Security Playbook
This playbook explores six core security challenges organizations face when adopting AI, along with proven, real-world strategies to address them.
chevron Get the eBook
            Experience Netskope
            Get Hands-on With the Netskope Platform
            Here's your chance to experience the Netskope One single-cloud platform first-hand. Sign up for self-paced, hands-on labs, join us for monthly live product demos, take a free test drive of Netskope Private Access, or join us for a live, instructor-led workshops.
            chevron Experience Netskope
              A Leader in SSE. Now a Leader in Single-Vendor SASE.
              Netskope is recognized as a Leader Furthest in Vision for both SSE and SASE Platforms
              2X a Leader in the Gartner® Magic Quadrant for SASE Platforms
              One unified platform built for your journey
              chevron Get the report
                ""
                Netskope One AI Security
                Organizations need secure AI to move their business forward, but controls and guardrails must not require sacrifices in speed or user experience. Netskope can help you say yes to the AI advantage.
                chevron Learn about Netskope One AI Security
                  ""
                  Netskope One AI Security
                  Organizations need secure AI to move their business forward, but controls and guardrails must not require sacrifices in speed or user experience. Netskope can help you say yes to the AI advantage.
                  chevron Learn about Netskope One AI Security
                    Modern data loss prevention (DLP) for Dummies eBook
                    Modern Data Loss Prevention (DLP) for Dummies
                    Get tips and tricks for transitioning to a cloud-delivered DLP.
                    chevron Get the eBook
                      Modern SD-WAN for SASE Dummies Book
                      Modern SD-WAN for SASE Dummies
                      Stop playing catch up with your networking architecture
                      chevron Get the eBook
                        Understanding where the risk lies
                        Advanced Analytics transforms the way security operations teams apply data-driven insights to implement better policies. With Advanced Analytics, you can identify trends, zero in on areas of concern and use the data to take action.
                        chevron Get the brochure
                            2025-10-UZTNA-ebook
                            6 Reasons Universal ZTNA is a Smart Escape from VPN and NAC Chaos
                            Ditch the complexity of VPNs and NAC. Learn how Universal ZTNA secures every user and device with one consistent framework.
                            chevron Get the eBook
                              ""
                              BDO Brings Together Networking and Security to Protect a Cloud-First, AI-Friendly Infrastructure
                              chevron Read the case study
                                Netskope GovCloud
                                Netskope achieves FedRAMP High Authorization
                                Choose Netskope GovCloud to accelerate your agency’s transformation.
                                chevron Learn about Netskope GovCloud
                                    Netskope Technical Support
                                    Netskope Technical Support
                                    Our qualified support engineers are located worldwide and have diverse backgrounds in cloud security, networking, virtualization, content delivery, and software development, ensuring timely and quality technical assistance
                                    chevron Technical Support
                                      Netskope video
                                      Netskope Training
                                      Netskope training will help you become a cloud security expert. We are here to help you secure your digital transformation journey and make the most of your cloud, web, and private applications.
                                      chevron Explore Netskope Training
                                        ""
                                        Maximize your SASE ROI with Netskope Business Value Services
                                        Start proving ROI. Netskope BVS is a complimentary consulting service that quantifies the financial and strategic impact of your SASE transformation.
                                        chevron Request a consultation
                                          Let's do great things together
                                          ""
                                          Netskope’s partner-centric go-to-market strategy enables our partners to maximize their growth and profitability while transforming enterprise security.
                                          chevron Netskope Partners

                                            Virlock’s resurgence poses bigger threat to file syncing over the cloud

                                            Jan 30 2017
                                            By Abhinav Singh
                                            Tags
                                            CASB
                                            Cloud Best Practices
                                            Cloud Fanout
                                            Cloud Malware
                                            Netskope Threat Protection
                                            Netskope Threat Research Labs
                                            Ransomware
                                            Tools and Tips
                                            Virlock
                                            Vulnerability Advisory

                                            A new variant of the Virlock family of wormed ransomware has been detected actively propagating in the wild. Virlock not only encrypts every file in a file system, but infects them simultaneously. This converts each file into a potential infection root for branching out once it is shared over the network or through physical media. Netskope Threat Research Labs published a detailed blog on how the Virlock infection works in two harmful ways: by encapsulating the capabilities of both ransomware and a worm.

                                            Such infection vectors possess a bigger threat to an enterprise environment where cloud storage services are used for collaboration. Any infected user within the collaboration group can transfer the infection to other machines once the service syncs the file across all of the users in the group. This gives rise to the classic malware fan-out effect wherein cloud services inadvertently amplify the threat landscape.

                                            Netskope Threat Protection blocks all known variants of Virlock with the detection name of PE.Gn.5 and PE.Gn.8. The Virlock file infectors can be blocked from syncing to the cloud, both from the original infected user and also from the cases where Virlock might be syncing from the cloud to a new user in the same collaboration group, as shown in Figure 1.

                                            Figure 1: Netskope Threat Protection preventing Virlock infection fan-out.

                                            Netskope recommends the following best practices to enterprises in order to protect from ransomware threats:

                                            1. Detect and remediate all threats at rest in sanctioned cloud services using a threat-aware cloud access security broker (CASB) like Netskope.
                                            2. Detect and remediate all threats being downloaded from unsanctioned cloud services using a threat-aware cloud access security broker (CASB) like Netskope.
                                            3. Regularly back up and turn on versioning for critical content in cloud services.
                                            4. On managed devices, administrators should enable the option to view known file extensions.
                                            5. Administrators should advise their users to avoid executing any files with dual extensions unless they are very sure that the files are benign.
                                            6. Administrators should warn users to avoid opening untrusted attachments, regardless of those attachments’ extensions or file names
                                            7. Enterprise users should always keep their systems and antivirus updated with the latest releases and patches.

                                            The post Virlock’s resurgence poses bigger threat to file syncing over the cloud appeared first on Netskope.

                                            < Threat Labs
                                            Next Story >
                                            < Back
                                            Next >
                                            author image
                                            Abhinav Singh
                                            Read More
                                            More Articles by Abhinav Singh
                                            Read full Bio
                                            More articles

                                            Related Articles

                                            card shape
                                            Threat Labs

                                            From ClickFix to MaaS: Exposing a Modular Windows RAT and Its Admin Panel

                                            By Jan Michael Alcantara
                                            chevron Read the blog
                                            card shape
                                            Threat Labs

                                            OpenClaw Trap: AI-Assisted Lure Factory Targets Developers & Gamers

                                            By Vini Egerland
                                            chevron Read the blog
                                            card shape
                                            Threat Labs

                                            Attackers Weaponize Signed RMM Tools via Zoom, Meet, & Teams Lures

                                            By Jan Michael Alcantara
                                            chevron Read the blog
                                            Show More
                                            Connect with Netskope

                                            Subscribe to the Netskope Blog

                                            Sign up to receive a roundup of the latest Netskope content delivered directly in your inbox every month.
                                            Subscribe now