“If you get an email claiming to be from Microsoft about a Windows 10 update, don’t open! It contains ransomware malware.”


Researchers from a trusted company have discovered a new malicious campaign, which is believed to be spoofing urgent updates from Microsoft to infect the user’s system with Cyborg ransomware.

Targeted users first receive an email with the subject ‘Install Latest Microsoft Windows Update now!’ or ‘Critical Microsoft Windows Update!’, which is suspicious in itself: Microsoft pushes Windows updates via its operating system and never through emails.

The email is said to contain one line of text:

“Please install the latest critical update from Microsoft attached to this email.”

Along with the above message comes an attachment with a “.jpg” file extension. It is not a picture, however, but an executable file.
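The mismatch described above, a “.jpg” name on an executable, can be caught during mail triage by comparing an attachment's leading bytes with its extension. The following is an added example, not code from the original article; the function names and the sample message are constructed, and it assumes the executable begins with the standard `MZ` header of Windows executables.

```python
from email import message_from_bytes, policy
from email.message import EmailMessage
from pathlib import PurePosixPath

# Subject lines reported in the article for this campaign (lower-cased).
LURE_SUBJECTS = {
    "install latest microsoft windows update now!",
    "critical microsoft windows update!",
}
IMAGE_EXTS = {".jpg", ".jpeg", ".png", ".gif"}
# Leading bytes of genuine JPEG, PNG and GIF files.
IMAGE_MAGIC = (b"\xff\xd8\xff", b"\x89PNG\r\n\x1a\n", b"GIF87a", b"GIF89a")


def triage(raw: bytes) -> list[str]:
    """Return findings for one raw e-mail message (empty list = nothing flagged)."""
    msg = message_from_bytes(raw, policy=policy.default)
    findings = []
    if (msg["Subject"] or "").strip().lower() in LURE_SUBJECTS:
        findings.append("subject matches known lure")
    for part in msg.iter_attachments():
        name = part.get_filename() or ""
        ext = PurePosixPath(name.lower()).suffix
        data = part.get_payload(decode=True) or b""
        if data[:2] == b"MZ":
            # Windows executables (including .NET builds) start with "MZ".
            findings.append(f"{name}: Windows executable (MZ header)")
        elif ext in IMAGE_EXTS and not data.startswith(IMAGE_MAGIC):
            findings.append(f"{name}: image extension but not image content")
    return findings


def build_sample(subject: str, filename: str, payload: bytes) -> bytes:
    """Build a constructed test message; addresses and payload are made up."""
    m = EmailMessage()
    m["From"] = "updates@example.com"
    m["To"] = "user@example.com"
    m["Subject"] = subject
    m.set_content("Please install the latest critical update from Microsoft "
                  "attached to this email.")
    m.add_attachment(payload, maintype="image", subtype="jpeg", filename=filename)
    return m.as_bytes()


if __name__ == "__main__":
    stub = b"MZ\x90\x00" + b"\x00" * 60  # constructed header bytes, not malware
    for finding in triage(build_sample("Critical Microsoft Windows Update!",
                                       "update.jpg", stub)):
        print(finding)
```

The content check does not rely on the subject line, so it still flags the attachment when the same file is sent under a different theme.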

About Cyborg Ransomware:

When you click on the email’s attachment, the executable hidden inside it runs and downloads a further file called ‘bitcoingenerator.exe’ with a name misterbtc2020. Like the attachment, this file is .NET-compiled malware known as Cyborg ransomware.

Once activated, the ransomware immediately encrypts all of the files on the infected user’s system and appends its own file extension, 777, to the filenames. A ransom note with the filename ‘Cyborg_DECRYPT.txt’ is then left on the desktop of the victimized computer system, and ‘bot.ex’ is left at the root of the infected drive.

Cyborg ransomware poses a severe threat to individuals and businesses. It can be created and spread by anyone who gets hold of the builder. It can also be spammed using other themes that are attractive enough to make you open the attachment.

Do note and beware: once activated, the ransomware will start encrypting all the files on the victimized user’s computer system or laptop.

Suggestion: You really don’t want this on your Windows 10 machine!


Ways to Prevent and not get infected:

  1. Look out for shady, dodgy and suspicious emails requesting you to install something.
  2. Make sure you delete suspicious emails, and ensure that your password is strong, especially if you suspect it’s been compromised.
  3. Watch your step. The malicious emails include misspellings, poor grammar, and incorrect branding.
  4. Official emails from Microsoft or even Netflix don’t use Gmail or include incorrect domains like ‘Microsoft.org.’
  5. Keep an eye on every click you make, if you suspect anything.

Major security experts globally have advised against paying any ransoms demanded by malware installed on your system. There’s no guarantee you’ll get access to your files again, and paying the ransom will encourage more ransomware attacks.

Are you interested in knowing more about cyber attacks? Head towards the security awareness section for more information.
