Great Lakes Computer is always on top of the latest cyber attacks and there’s a new one to beware of – the fake Windows 10 update. Portrayed as a critical update, this ransomware will install an executable .NET file that will infect your computer and request that you make a payment to recover your data. We found this article that we think is worth a read.

“A new malware campaign is under way: emails sent from a fake Microsoft address are pushing people to download a malicious Windows 10 “critical update”. Beware!

Spotted by computer security company Trustwave, the subject of the mail says “Install Latest Microsoft Update now!” or “Critical Microsoft Windows Update!” The mail contains one single line that says “Please install the latest critical update from Microsoft attached to this mail” and an attached file.

If you receive such an email, here are the steps you should take:
1. Delete the mail right away.
2. Write several post-it notes that say “Microsoft NEVER SENDS update notices via email” and place them around your home and loved ones’ computers.

How this malware works

The mail contains a jpg file that is actually not a picture but an executable .NET file that will infect your PC.

This executable will download a program called “bitcoingenerator.exe” which comes from misterbtc2020 — a GitHub account. But this bitcoin generator doesn’t generate any virtual riches: it’s a ransomware called Cyborg.

Cyborg will encrypt all your files, locking their contents and changing their extensions to 777. You will also find a text file on your desktop named “Cyborg_DECRYPT.txt”, containing instructions about how to recover your life — for a price.

According to Trustwave, there are four variants of this malicious software. Following the trail, they reached to Russia. Because, of course it was going to be Russia.

Trustwave says this is a real danger to businesses and individuals alike, with the capacity to be attached to other emails and evade any gateway controls.

With that in mind, it’s good to remember to always distrust any mails you get, even if you think they come from a trustworthy source, and never blindingly click on something you didn’t ask for — even if you have the best antivirus software installed. You never know when the next malware will hit.”

Read the full article here.

Great Lakes understands that malware is always a potential threat.

Our experts can monitor and manage your data 24/7 and ensure all true critical updates are performed on a regular basis. We utilize anti-virus and anti-malware software to ensure your data is protected, and our backup services protect you from this type of ransomware.