Ransomware disguised as Win 10 update


  1. Posts : 558
    Windows 10
       #1

    Ransomware disguised as Win 10 update


    Thought i would post this here but maybe the "news" section would benefit , if this is old news my apologies but it's scary.


    Beware! That Windows 10 update message could be ransomware in disguise


    A new virus is on the loose and it’s targeting users waiting for their Windows 10 update. A variant of CTB (Curve-Tor-Bitcoin) Locker is currently being downloaded on to Windows 7 and 8 users at alarming rates. If you are waiting for your Windows 10 upgrade, please read the details below and proceed with caution when downloading anything from an email attachment.
    It starts with an email

    This new threat actor has a clever way of making its way onto your system. Since many people are eagerly awaiting their Windows 10 update, scammers developed a convincing email campaign to lure people into downloading their ransomware.
    A screen shot of the offending email. Source: Cisco Blogs

    As you can see, the email has the appropriate color scheme as well as a believable email address: update@microsoft.com. The scammers have even gone so far as to include a little note at the end that may give the recipient a false sense of security:
    Don’t be fooled! This email is NOT safe. Source: Cisco Blogs

    And then they demand you pay up

    Once an unsuspecting victim downloads the false update to their computer and runs it, they’ll see this message:
    The CTB-Locker message. Source: Emsisoft

    The victim will find that their files have been encrypted and will not open properly, and like most ransomware variants, the decryption key will not reside on the infected system. The user allegedly has 96 hours before the decryption code is destroyed and the only way to get a hold of it before then is to pay an outrageous $200 USD.
    Early detection is key

    As eager as you may be for the latest Windows 10 update, please be aware that so many cyber criminals are waiting to take advantage of you! Be wary of emails with typos, strange characters, and in the case of the phishing email above, an IP address from an unexpected part of the world (in this case, Thailand).


      My Computer


  2. Posts : 1,546
    Windows 10 Pro x64 RS 10586.586
       #2

    Thanks for your Post!

      My Computer


  3. Posts : 558
    Windows 10
    Thread Starter
       #3

    Cluster Head said:
    Thanks for your Post!


    Your welcome but i think i should of held off , seems like it's old news and i should of posted in the Win 7 forums forum , thats probably where it would be relevant, if at all .

    If "brink" doesn't think it's relevant here i hope he deletes it , i should have researched further .
      My Computer


  4. Posts : 173
    Windows 10 64bit
       #4

    Actually I don't read the Win 7 forum. I am happy you posted it here. I have passed this info on to friends and family that still use Win 7.
      My Computer


  5. Posts : 14,901
    Windows 10 Pro
       #5

    This is indeed pretty old news, but it is always good to post it for those who aren't aware of this :)
      My Computers


 

  Related Discussions
Our Sites
Site Links
About Us
Windows 10 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 10" and related materials are trademarks of Microsoft Corp.

© Designer Media Ltd
All times are GMT -5. The time now is 07:39.
Find Us




Windows 10 Forums