Republic of the Philippines
National Police Commission
Camp BGen Rafael T Crame, Quezon City
E-mail: This email address is being protected from spambots. You need JavaScript enabled to view it.

ACG-CYBER SECURITY BULLETIN NR 324: Beware of ValleyFall Malware Attack

Reference Number ACG-CSB 121323324

   The following information was obtained from different cyber security sources for notification to all parties concerned pursuant to the mandate of the Philippine National Police Anti-Cybercrime Group (PNP ACG) and classified as “Restricted” pursuant to the PNP Regulation 200- 012 on Document Security and Impact Rating as high based on PNP Information Communication Technology (ICT) Security Manual s.2010-01 p. 22 and p.129.

ValleyFall is the name of spyware, malicious software designed to secretly gather information from a victim's computer or device without their knowledge. It can infect computers with a Remote Access Trojan (RAT) component primarily designed for password theft and keylogging on infected computers.

ValleyFall is a brutal malware capable of destroying a perfectly healthy computer in a very short time. These types of viruses are used by hackers specifically for intrusion and data-stealing purposes. Once this malware gets on the network, it can infect all the systems running on the same network. It directly hits the main frame of the infected device to launch a brutal attack on the comprised machine to serve the purpose of its creator.

The ValleyFall malware displays a wide range of harmful functions that highlight its advance nature and potential to cause significant harm to infected systems. One of its prominent feature is keylogging, allowing the malware to secretly record the keystrokes made by the victim. This enables the malicious individuals behind ValleyFall to obtain sensitive information such as login credentials, personal data, and confidential communications. It also illicitly collects data about the victim's computer, including details about its graphics hardware, disk and RAM capacity, the version of Windows installed, hardware specifications, and more.

This brutal malware infection can badly hurt computers and lead to severe damage. It is a silent intruder and can easily infect any Windows-based computer. It will hide deep into the system and start a series of malicious activities that will drain huge amounts of CPU resources and slow down the machine.

ValleyFall virus mostly gets spread through bundled freeware, cracked software, drive-by download, junk emails, suspicious links, porn or torrent websites, peer-to-peer file sharing, and other methods. Once this perilous threat manages to intrude on the computer, it will take control of the entire system eventually and then it would be a lot harder to find and remove this infection for regular anti-virus programs.

Furthermore, this malware can retrieve a Portable Executable (PE) file when specific commands are received and execute it on the victim's system. This functionality creates the potential for downloading and running additional malware, such as ransomware or crypto-mining software, leading to data encryption, system disruptions, financial losses, and other severe issues. To evade detection and analysis, ValleyFall employs an intricate evasion tactic by scanning for virtualization processes. This approach is designed to thwart security measures and complicate efforts to dissect and mitigate the malware, underscoring the malware's commitment to remaining covert and elusive. ValleyFall can also evade security software.

Identity theft and bank fraud are some of the serious side effects of this nasty malware infection. So, it is advised to immediately remove ValleyFall virus from the PC before the situation gets any worse. Emerging threats, novel malware families, and spyware attacks are persistent risks. Malware infections can be devastating for organizations. By interrupting critical workflows and stealing or encrypting crucial data, malware can cause serious financial and reputation damage.

Malware takes on many different forms and attacks in different ways. But with some thoughtful preparation and process improvements, as well as ongoing user education, the organization can gain-and-maintain a solid security stance against malware attacks.


The public is advised to follow these tips to avoid being a victim of ValleyFall Malware attacks:

  • Be cautious with emails from unfamiliar senders, especially those with suspicious attachments or links;
  • Install or implement a firewall, intrusion detection system (IDS), and intrusion prevention system (IPS);
  • Install reputable antivirus or anti-malware software on the computer and keep it up to date;
  • Deploy additional process-level logging for additional log detection coverage;
  • Regularly update the operating system and software with the latest security patches; and
  • Adopt and enforce the principle of least-privilege.

For additional information, please refer to the following websites:



   Please contact PMAJ LESLIE P JALLORINA, Police Community Relations Officer, thru e-mail address This email address is being protected from spambots. You need JavaScript enabled to view it. or contact us by telephone number (+632) 723-0401 local 7483 for any inquiries related to this CYBER SECURITY BULLETIN.