A computer virus by the name of Valak is growing on the web according to a computer security firm. The malware is spread via a Word document attached as an email attachment. Its purpose is to steal a huge amount of personal data.
The cybersecurity company Check Point has released its 10 Most Virulent Computer Viruses Report for the month of September 2020.
Emotet, a malware that is taking advantage of the Covid-19 crisis to spread, ranks first on this list.
However, researchers indicate that malware by the name of Valak has grown significantly and is becoming a growing threat to computers, online accounts and businesses.
The Valak computer virus has extremely dangerous potential for personal data.
A virus that targets both individuals and businesses
Valak was initially seen at the end of 2019, while acting as a virus spreader. A new version would have been recently deployed, whereas it is now becoming a real virus in its own right.
That is, instead of trying to spread and upload viruses, it has itself become a virus that seeks to root data from the computers it infects.
What data is Valak targeting exactly? According to researchers at Check Point, it seeks in particular to steal information stored in Microsoft Exchange.
That’s not all, since it also seeks to steal our identifiers to connect to our computer as well as those of our various accounts on the web. We can therefore imagine that it targets popular services such as Google, Facebook and of course our banks.
Finally, it also seeks to steal domain certificates. Once the company’s HTTPS certificate is bypassed, the information exchanged by site visitors is no longer encrypted and can therefore be read by hackers.
Imagine the amount of information stolen if the site is transactional or if it contains forms to fill out with sensitive data. It is not just one victim who is affected by this infection, but potentially all visitors to the infected person’s employer website.
Maya Horowitz, Director of Threat Research and Intelligence at Check Point, explains:
These new campaigns spreading Valak are yet another example of how threat actors seek to maximize their investments in established and proven forms of malware. With the updated versions of Qbot that emerged in August, Valak is intended to enable large-scale data and credential theft from organizations and individuals. Businesses should consider deploying anti-malware solutions that can prevent this content from reaching end users, and advise their employees to be careful when opening emails, even when they appear to be from a source. reliable.
How to protect yourself against the Valak virus?
How is the Valak virus spread? Via malicious emails that contain an infected Word document.
It is a propagation technique which is not new, but which remains effective.
In short, the way to protect oneself from Valak is a classic case of vigilance and protection.
As with all suspicious emails, always look at the sender’s email address and make sure it is a trusted contact.
Another precaution is to use the VirusTotal site which allows us to scan an attachment without even opening it. We simply drag the file onto their platform and the latter tells us whether the document is dangerous or not.
Finally, having an antivirus protection solution is always an excellent precaution to identify, block or remove a threat like this one.