As Microsoft has just released the new update of Windows 10, a new phishing campaign takes the opportunity to spread in the form of an email, prompting users of Windows 10 to install a critical update. Researchers at Trustwave have released details of this new threat that attempts to trick users into hijacking their PCs and demanding a ransom.
The e-mail, which is currently in English and seems to come from Microsoft, has the subject ” Install Latest Microsoft Windows Update now!” or “Critical Microsoft Windows Update!” And prompt the reader to install the included update as an attachment. In reality, it is a program that downloads a ransomware called Cyborg.
Windows 10: A ransom to pay in Bitcoin
The malware then encrypts all personal files. Which will have the extension “.777” and which will require a password to be opened. A text file “Cyborg_DECRYPT.txt” placed on the desktop contains instructions to follow. To recover his files, the victim will have to pay $500 in bitcoin. To the indicated portfolio and contact the author by e-mail.
The researchers have managed to find three other versions of the malware. As well as the tools to create it that seem to come from Russia. This attack is particularly dangerous since anyone with access to these tools can create their own version. Remember that Microsoft never sends e-mail updates and must always be downloaded through the Windows Update utility.