
Fake Windows 10 upgrade hides ransomware

BitDefender UK : 10 August, 2015  (Technical Article)
Bitdefender issues warning of ransomware spread through fake e-mails which solicit users to upgrade to the latest Windows operating system

Cybercriminals are spreading the CTB Locker ransomware via fake emails, tempting users with the promise of Windows 10 installation kits, warns Bitdefender, the innovative security solutions provider. Once a system has been compromised by the ransomware, hackers demand that 2 Bitcoins, worth roughly £360, be paid within 96 hours in order to restore the encrypted files.

Microsoft launched Windows 10 on July 29 and is rolling out the new version in waves to users around the world. Hijacking the release, the email claims to come from the company and could pique the interest of thousands of users.

“This software release creates the perfect context for cybercriminals and they’re fully taking advantage of it,” states Bogdan Botezatu, Senior E-Threat Analyst at Bitdefender. “Millions of people are expected to upgrade to Windows 10, so we might witness a substantial number of PC users falling victim to such scams.”

Within the fake email, the ‘From’ field features the email address update@microsoft.com, which appears to be a valid address. The subject line clearly states the apparent purpose of the email: ‘Windows 10 Free Update.’

Disguised as an innocent Windows 10 installer, the ransomware needs to be downloaded and executed manually by the user. Once installation is complete, the victim is presented with a warning message.

Infected users are instructed to pay $600 for the private key stored on their servers - without it, decryption is impossible. When the ransom is paid, decryption will start and a payment verification screen will be displayed.

CTB Locker is a file-encryptor, the successor of Cryptolocker. Despite successive short-lived takedowns, Cryptolocker has managed to make a comeback through this newer version. This challenging breed of malware is constantly evolving, becoming more dangerous and reaching new levels of complexity.

According to Bitdefender Labs, the malicious emails were sent in three days from spam servers located in a variety of countries including France, Russia, the US, Thailand, Ukraine, India, Kazakhstan and Taiwan.

Bitdefender, which detects and blocks the threat, advises users to install software updates only from reputable sites and reminds them to avoid accessing attachments and links from unrequested emails.
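A header triage check for the kind of message described above, where the 'From' field looks valid but the mail did not come from that domain. This is an added example, not code from Bitdefender or the original article; only the From address and subject line come from the article, while the Return-Path, Authentication-Results values, attachment name and extension list are constructed assumptions.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Constructed sample: only From and Subject are taken from the article.
# Return-Path, Authentication-Results and the attachment are invented.
SAMPLE = """\
Return-Path: <bounce@mailer.example>
Authentication-Results: mx.example.org; spf=fail smtp.mailfrom=mailer.example; dkim=none; dmarc=fail header.from=microsoft.com
From: Microsoft <update@microsoft.com>
Subject: Windows 10 Free Update
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="b1"

--b1
Content-Type: text/plain

Upgrade now.
--b1
Content-Type: application/zip
Content-Disposition: attachment; filename="installer.zip"

UEsDBAo=
--b1--
"""

RISKY_EXT = (".exe", ".scr", ".zip", ".js", ".msi")  # assumed policy list

def domain(addr):
    """Lower-cased domain part of an address header ('' if absent)."""
    return parseaddr(addr or "")[1].rpartition("@")[2].lower()

def triage(raw):
    msg = message_from_string(raw)
    findings = []
    from_dom, env_dom = domain(msg["From"]), domain(msg["Return-Path"])
    # The visible From domain should match (or contain) the envelope sender.
    if env_dom and env_dom != from_dom and not env_dom.endswith("." + from_dom):
        findings.append("envelope-mismatch")
    # SPF/DKIM/DMARC verdicts as recorded by the receiving mail server.
    auth = (msg["Authentication-Results"] or "").lower()
    for mech in ("spf", "dkim", "dmarc"):
        m = re.search(rf"\b{mech}=(\w+)", auth)
        if not m or m.group(1) != "pass":
            findings.append(f"{mech}-not-pass")
    for part in msg.walk():
        name = (part.get_filename() or "").lower()
        if name.endswith(RISKY_EXT):
            findings.append(f"risky-attachment:{name}")
    return findings
```

Only an Authentication-Results header stamped by your own receiving server should be trusted, since a sender can insert a forged one. An envelope mismatch on its own is common in legitimate bulk mail, so weigh it together with the authentication verdicts.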

   © 2012 ProSecurityZone.com