Could Ransomwares infect my other PCs using my MS account?

[Dirk41]

Hi everyone,

i'd like to test Cryptoprevent against ransomwares on a netbook that i don't use anymore.

the device is not connected to others. but I have to use my MS account on it(the same account I use on the other devices) in order to receive W10 insiders previews.

so, maybe the question will sound stupid to you, but I am not an expert: could randomwares use in someway my MS account to infect my other devices??? even I turn off the sync? (and wht if i did not turn off the sync?)

or viruses in general (not only ransomwares)

I'd really appreciate if you could provide help

looking forward to hearing from you

 

[cruelsister]

Dirk- No way that is a stupid question, and actually is quite topical. The best answer is Yes and No That which is the ransomware encryptor won't steal you password data by itself; however things can be packaged with the ransomware that surely can and will.

A recent example of this is some of the CryptXXX infection routines that can be seen. Delivered from infected webpages by either the Angler or Hunter exploit kits, the malware will also deliver a variant of the Pony infostealer (a morphed version derived from the pony Botnet that caused quite a stir a few years back). Personally I think it's only a matter of time until Pony is replaced by the Tofsee stealer/bot which is more elegantly coded.

In short, the answer is that your credentials can be be stolen depending on how lucky (or unlucky) you are in the choice of malware samples run. And remember the basic rules of malware testing- No personal data on the sacrificial system and absolutely no network shares!

 

[Dirk41]

thank you very much, so maybe it is better to test using w7 that does not require an account


furthermore w10 has also onedrive..who knows if the viruses /ransom can use it to pass

better to use w7

 

[hjlbx]

thank you very much, so maybe it is better to test using w7 that does not require an account


furthermore w10 has also onedrive..who knows if the viruses /ransom can use it to pass

better to use w7

Ransomware can encrypt your local OneDrive files and then Windows will sync them with your MS Account\OneDrive.

 

[Dirk41]

Ransomware can encrypt your local OneDrive files and then Windows will sync them with your MS Account\OneDrive.

Yeah I know ransomware encrypt cloud too, thank you.. But if I have no local files and I disable onedrive ?

The virus / ransomware can't upload itself on the cloud and then download itself on another device right?

 

[_CyberGhosT_]

To my knowledge, it does not bounce like that, (yet).
I would focus on Windows 10, but don't use the MS account to log in.
The MS login option is not the only option.
PeAcE

 

[jamescv7]

Remember that many ransomware have already embedded the functionality to self-replicate and propagate from networking drives or throughout the connected network nearby.

 

[Dirk41]

No other network connection here , thank you