Dark Reading on Shurl0ckr, a new Gojdue ransomware variant making the rounds on Google Drive and Microsoft Office 365 because most major anti-virus software is failing to detect the malware:
Shurl0ckr works the same way as Satan ransomware. A hacker creates a ransomware payload and distributes it via phishing or drive-by download. The malware encrypts files on disk in the background until the victim pays a Bitcoin ransom. Hackers pay a percentage to the author.
The discovery was part of a broader study on malware in the cloud. Researchers found 44% of businesses they scanned had some form of malware in at least one of their cloud applications. One in three corporate instances of SaaS applications were infected with malware.
Microsoft OneDrive had the highest rate of infection compared with other major SaaS applications, with 55% of instances hit. Google Drive was next-highest at 43%, followed by Box and Dropbox, both of which had a 33% infection rate.
Just because the cloud-based file storage services are unable to detect Shurl0ckr does not mean local endpoint-based protection is failing. A strong layered endpoint defense, even at home, should prevent this from doing any damage.
It is vitally important to be careful about which files are accessed, downloaded, or opened. Never open attachments from unknown or untrusted sources. Ensure downloaded files come from well-known websites and established companies. Finally, always use endpoint security software and ensure the definitions are regularly and automatically updated.
Just like when physically walking around the city, paying attention and a little vigilance will go a long way in remaining safe.