VERY IMPORTANT

Virut is a botnet malware family which has initially been observed 13 years ago, in 2006. Traditionally, it spreads as a file-infecting virus, and has monetized pay-per-install schemes and information theft. Although believed to be dead by many following a major sinkholing operation conducted by NASK/CERT Polska in 2013, events over the last few months indicate an uptick in activity. Earlier in 2018, an unusual drive-by attack with a Chinese nexus involved dropping a Virut sample. Having dealt with takedowns before and tracking botnets, this piqued my interest.