Windows 10: Ransomware disguised as Win 10 update

  1. Posts : 558
    Windows 10
       03 Sep 2015 #1

    Ransomware disguised as Win 10 update

    Thought i would post this here but maybe the "news" section would benefit , if this is old news my apologies but it's scary.

    Beware! That Windows 10 update message could be ransomware in disguise

    A new virus is on the loose and it’s targeting users waiting for their Windows 10 update. A variant of CTB (Curve-Tor-Bitcoin) Locker is currently being downloaded on to Windows 7 and 8 users at alarming rates. If you are waiting for your Windows 10 upgrade, please read the details below and proceed with caution when downloading anything from an email attachment.
    It starts with an email

    This new threat actor has a clever way of making its way onto your system. Since many people are eagerly awaiting their Windows 10 update, scammers developed a convincing email campaign to lure people into downloading their ransomware.
    A screen shot of the offending email. Source: Cisco Blogs

    As you can see, the email has the appropriate color scheme as well as a believable email address: The scammers have even gone so far as to include a little note at the end that may give the recipient a false sense of security:
    Don’t be fooled! This email is NOT safe. Source: Cisco Blogs

    And then they demand you pay up

    Once an unsuspecting victim downloads the false update to their computer and runs it, they’ll see this message:
    The CTB-Locker message. Source: Emsisoft

    The victim will find that their files have been encrypted and will not open properly, and like most ransomware variants, the decryption key will not reside on the infected system. The user allegedly has 96 hours before the decryption code is destroyed and the only way to get a hold of it before then is to pay an outrageous $200 USD.
    Early detection is key

    As eager as you may be for the latest Windows 10 update, please be aware that so many cyber criminals are waiting to take advantage of you! Be wary of emails with typos, strange characters, and in the case of the phishing email above, an IP address from an unexpected part of the world (in this case, Thailand).

      My ComputerSystem Spec

  2. Cluster Head's Avatar
    Posts : 1,563
    Windows 10 Pro x64 RS 10586.586
       03 Sep 2015 #2

    Thanks for your Post!

      My ComputerSystem Spec

  3. Posts : 558
    Windows 10
    Thread Starter
       03 Sep 2015 #3

    Cluster Head said: View Post
    Thanks for your Post!

    Your welcome but i think i should of held off , seems like it's old news and i should of posted in the Win 7 forums forum , thats probably where it would be relevant, if at all .

    If "brink" doesn't think it's relevant here i hope he deletes it , i should have researched further .
      My ComputerSystem Spec

  4.    04 Sep 2015 #4

    Actually I don't read the Win 7 forum. I am happy you posted it here. I have passed this info on to friends and family that still use Win 7.
      My ComputerSystem Spec

  5. axe0's Avatar
    Posts : 13,713
    Windows 10 Pro
       05 Sep 2015 #5

    This is indeed pretty old news, but it is always good to post it for those who aren't aware of this :)
      My ComputersSystem Spec


Related Threads
First issue is that I need to use a specific older driver for my AMD graphics card and windows 10 continues to update the driver automatically and causes my system to crash. I've gone through {Control Panel-Devices & printers}, selected my machine,...
New Ransomware attack in AntiVirus, Firewalls and System Security
Only 5 days out and Win10 being screwed with. This link was in an E-Mail today: New Windows 10 scam will encrypt your files for ransom | ZDNet
Hi there I have a decent FAST internet -- but latest update (only a security update) seems to be taking LONGER than the ENTIRE update I did going from 10162 to 10240. 15 mins and STILL only at 6% ??? for a small security update. I know my...
CoinVault ransomware? New free tool may decrypt them in AntiVirus, Firewalls and System Security
Files encrypted by CoinVault ransomware? New free tool may decrypt them | PCWorld
ALERT!: New ransomware allows one user file 'free' decrypt in AntiVirus, Firewalls and System Security
New ransomware allows one user file 'free' decrypt By Dimitri Reijerman , Sunday, November 16, 2014 14:26 , comments: 201 , Views: 31,371 • Feedback Security firms Webroot has a new ransomware-variant found that the user after encrypting the...
Our Sites
Site Links
About Us
Windows 10 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 10" and related materials are trademarks of Microsoft Corp.

© Designer Media Ltd
All times are GMT -5. The time now is 21:39.
Find Us