Windows 10 fake update is nasty ransomware

todayNovember 20, 2019

share close

A new malware campaign is under way: emails sent from a fake Microsoft address are pushing people to download a malicious Windows 10 “critical update”. Beware!

Spotted by computer security company Trustwave, the subject of the mail says “Install Latest Microsoft Update now!” or “Critical Microsoft Windows Update!” The mail contains one single line that says “Please install the latest critical update from Microsoft attached to this mail” and an attached file. 

If you receive such an email, here are the steps you should take:

1. Delete the mail right away.

2. Write several post-it notes that say “Microsoft NEVER SENDS update notices via email” and place them around your home and loved ones’ computers. 

How this malware works

The mail contains a jpg file that is actually not a picture but an executable .NET file that will infect your PC.

This executable will download a program called “bitcoingenerator.exe” which comes from misterbtc2020 — a GitHub account. But this bitcoin generator doesn’t generate any virtual riches: it’s a ransomware called Cyborg.

Cyborg will encrypt all your files, locking their contents and changing their extensions to 777. You will also find a text file on your desktop named “Cyborg_DECRYPT.txt”, containing instructions about how to recover your life — for a price.

According to Trustwave, there are four variants of this malicious software. Following the trail, they reached to Russia. Because, of course it was going to be Russia.

Trustwave says this is a real danger to businesses and individuals alike, with the capacity to be attached to other emails and evade any gateway controls.

With that in mind, it’s good to remember to always distrust any mails you get, even if you think they come from a trustworthy source, and never blindingly click on something you didn’t ask for — even if you have the best antivirus software installed. You never know when the next malware will hit.

Source: tomsguide.com

Written by: New Generation Radio

Rate it

Previous post


The first Gibson-authorized non-Gibson guitars are now available from Banker Custom

Back in July, Gibson announced its Authorized Partnership Program, allowing boutique makers Jimmy Wallace Guitars, Banker Custom Guitars and Echopark Guitars a license to use company trademarks, which include body shapes and headstocks for the Les Paul, Flying V, Explorer, ES-335 and Firebird, in their own builds. Now, the first electric guitar models from one of those partners has been revealed, with Banker Custom unveiling the ’58-spec Korina V and Excalibur, built for […]

todayNovember 19, 2019

Post comments (0)

Leave a reply

Your email address will not be published. Required fields are marked *

[wpens_easy_newsletter firstname="no" lastname="no" button_text="Εγγραφή"]