It has been discovered, lately, a fake update of Microsoft's Windows 10 operating system.
Indeed, it is actually a ransom program, which once installed on your computer will demand as usual a ransom. Clearly your data will be inaccessible if you get caught.
This article will also interest you: The update system hijacked by hackers
The discovery was made by a computer security company based in Chicago in the United States. This company is called Trustwave. Thanks to the researchers who make up his Spider labs team, the malware hidden behind a fake update was discovered and then made known to the general public. This threat must be taken seriously, the researchers say. Indeed, this attack even if it does not look very special, could take a whole new scope as it is easy to be reused by other groups of hackers if it goes almost unnoticed this time. Here's how it goes. Individuals receive an e-mail informing them of the availability of a new Windows update on an operating system security issue by requiring an installation at the time. But in reality it's a decoy, because Microsoft never communicates about updates through the mail system. The editors of this program will then direct their victim to a link that prompts them to download an executable program, which is in fact not a ransom program. This executable comes in the form of a JPG file. Once this file is executed, it will encrypt your data, blocking all the files on the terminal, and will require to release them the payment of a ransom.
To do this, Windows 10 users are advised not to attempt whats happens to be to click on the link asking them to make the day. If an email like this has reached you, it is better to delete it automatically and pass thing.
According to the cybersecurity company that made the discovery, the malware here presented is a ransomware that would be type Cyborg ransomwares. According to Spider Lab researchers, once victims click on the link, a malware will encrypt all of your data on the device, a Windows computer, precisely. Because, there, the program will add its own extension. This is where a text file under the name "Cyborg_DECRYPT.txt" appears to the user. And the rest you already know.
In addition, all the problems associated with this programme malicious computer do not stop there. Indeed you know that the mail corrupted in our case here is reusable? Yes indeed it is.
Following the investigation by the cybersecurity firm Chicago, we discovered that the malware concerned had counterparts that Looked. That's not all, there was online available to all publisher interested a program generating this ransomwares since, a site web.
For Diana Lopera, a researcher at the cybersecurity company, we need to pay attention to this new program that is currently moving. Indeed the threat is very serious. regardless of the individual concerned, whether it is individuals or companies, it is not just the first time that it is already deployed, especially with the use of the mail: "The file containing the ransomware can be created and disseminated by anyone who takes over the generator. It can be spammed using other themes and be attached in different forms to escape email gateways. Attackers can create this ransomware to use a known file extension to mislead the infected user about the ransomware's identity," she explained.
Now access an unlimited number of passwords: