Explore the latest news and trends  

Sign up for our weekly security newsletter

Be the first to receive important updates on security


Cybercriminals Exploit Launch of ‘Windows 10’ to Spread Ransomware - Cisco

Cisco, a security firm, spotted the campaign and said that cyber crooks are exploiting the recent launch of Windows 10 OS of Microsoft to trick Internauts into installing a strand of ransomware on their systems.

The spam campaign drafted to spread a piece of ransomware promises its recipients Windows 10 upgrade free of cost.

The fake emails entitled "Windows 10 Free Update" and they seem to come from update@microsoft.com. The warnings might look legitimate to some regular Internauts because these also contain a genuine-looking disclaimer and a message informing that the note has been scanned for dangerous content and viruses.

However, a close glance shows that the sender in reality tricked the beginning email address and the content of emails comprises many characters which have not been described properly.

The attachment to the fake notifications, Win10Installer.zip, is not a Windows 10 installer but an alternative of the infamous CTB-Locker ransomware.

Once it is unzipped and executed, the CTB-Locker ransomware first encrypts all files on the computer of the victim and then demands ransom money (Cisco does not disclose how much) within 4 days failing which it destroys the files decryption keys.

Whoever masterminded this strand of ransomware (Cisco found the IP address of the computer which sends emails to Thailand although that does not specify the origin) know his or her stuff because the crook has demanded payment particularly in Bitcoin and provides directives to go through the privacy-oriented Tor browser. Cisco says that theoretically this would make the criminals untraceable.

Theregister.co.uk published news on 3rd August, 2015 quoting Craig Williams, Security Outreach Manager of Talos team of Cisco, as saying "If you pay the attacker in Bitcoin then it is a very smooth funding stream; the money goes directly to paying the (malware) development team. This is the reason, due to which we are seeing such a fast development cycle in ransomware."

Therefore, if you receive an email claiming to tell you that your Windows 10 download is ready, then you should be careful. Microsoft does not normally email a Windows 10 installer to anyone but instead it is all done directly through update mechanism of your current operating system. Experts conclude that any email saying otherwise is almost surely a fake.

» SPAMfighter News - 8/18/2015

3 simple steps to update drivers on your Windows PCSlow PC? Optimize your Slow PC with SLOW-PCfighter!Email Cluttered with Spam? Free Spam Filter!

Dear Reader

We are happy to see you are reading our IT Security News.

We do believe, that the foundation for a good work environment starts with fast, secure and high performing computers. If you agree, then you should take a look at our Business Solutions to Spam Filter & Antivirus for even the latest version of Exchange Servers - your colleagues will appreciate it!

Go back to previous page