First noticed in late 2019, the malware known as Valak has more than 30 different versions.

Originally it was designed to deliver other malware to a target, but now it has its own thieving capabilities. The infection is delivered via an email with attached Microsoft Word documents.

These files contain malicious macros that schedule background processes to scan and grab information.

Some of the sensitive material it can steal includes:

• credentials for email accounts
• usernames and passwords
• domain certificates
• and information that points to the domain administrators.

With that sort of data, the possibilities of criminal intent are endless.

Create a culture of security awareness. Get your employees trained. We can help.

Learn more