Gojdue Variant Eludes Microsoft, Google Cloud Protection, Researchers Say

February 8, 2018


Researchers have identified a new ransomware strain that went undetected by built-in anti-malware protection used by cloud heavyweights Microsoft and Google as recently as January.

According to researchers at the cloud service firm Bitglass, both Google Drive and Microsoft Office 365’s SharePoint web service failed to identify a new strain of Gojdue ransomware called ShurL0ckr when tested last month. More troubling, when the malware was tested in the same timeframe against VirusTotal’s database of known vulnerabilities on Jan. 16, only seven percent of AV engines detected the malware.

Researchers now say that, since the original testing, 50 percent of AV engines detect ShurL0ckr, according to a rescan using VirusTotal on Wednesday. Researchers said it is unclear whether cloud providers such as Microsoft or Google have begun to identify and quarantine ShurL0ckr when infected files are stored on their respective cloud services.

Read More on Threat Post