
Beware: Fake Windows Update Installs Cyborg Ransomware


Unsuspecting Windows users are at risk from a new spam email that is spreading like wildfire. The fake email contains information about a critical Windows update. However, when users take the bait and click the link in the email, Cyborg ransomware is installed on their computers. We know how nasty ransomware is, and we don’t want anything to do with it.


This suspicious modus operandi was uncovered by security researchers at Trustwave SpiderLabs. They were able to get hold of the builder, which can be used to create different variants of the malware.


Another thing to note about this Windows security threat is that the file attached to the spam email is shown with a .jpg file extension. When clicked, however, it opens as an .exe executable file.

The Cyborg Ransomware Email Attachment
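
The mismatch described above, an attachment named like a .jpg whose content is a Windows executable, can be caught at a mail gateway by comparing the filename extension with the file's leading bytes. The following is an added example, not code from Trustwave or from the original article; the sample message and the file names `photo.jpg` and `update.jpg` are constructed for illustration.

```python
from email import message_from_bytes, policy
from email.message import EmailMessage
from pathlib import PurePath

IMAGE_EXTS = {".jpg", ".jpeg", ".png", ".gif", ".bmp"}
# Leading bytes of JPEG, PNG, GIF and BMP files.
IMAGE_MAGIC = (b"\xff\xd8\xff", b"\x89PNG\r\n\x1a\n", b"GIF8", b"BM")

def is_pe(data: bytes) -> bool:
    """True if data starts with a DOS 'MZ' header whose e_lfanew field
    (offset 0x3C) points at a 'PE' signature followed by two NUL bytes."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        return False
    off = int.from_bytes(data[0x3C:0x40], "little")
    return data[off:off + 4] == b"PE\0\0"

def suspicious_attachments(raw: bytes) -> list[tuple[str, str]]:
    """Return (filename, reason) for every attachment that is named
    like an image but whose content is not an image."""
    findings = []
    for part in message_from_bytes(raw, policy=policy.default).walk():
        name = part.get_filename()
        if not name or PurePath(name).suffix.lower() not in IMAGE_EXTS:
            continue
        data = part.get_payload(decode=True) or b""
        if is_pe(data):
            findings.append((name, "image extension, Windows PE content"))
        elif not data.startswith(IMAGE_MAGIC):
            findings.append((name, "image extension, unrecognised content"))
    return findings

def build_sample() -> bytes:
    """Constructed message: one genuine JPEG header and one PE header
    stub (headers only, not a working program) declared as image/jpeg."""
    pe_stub = b"MZ" + b"\0" * 58 + (0x40).to_bytes(4, "little") + b"PE\0\0"
    msg = EmailMessage()
    msg["Subject"] = "constructed sample"
    msg.set_content("constructed body")
    msg.add_attachment(b"\xff\xd8\xff\xe0" + b"\0" * 16, maintype="image",
                       subtype="jpeg", filename="photo.jpg")
    msg.add_attachment(pe_stub, maintype="image", subtype="jpeg",
                       filename="update.jpg")
    return msg.as_bytes()

if __name__ == "__main__":
    for name, reason in suspicious_attachments(build_sample()):
        print(f"{name}: {reason}")
```

The check looks only at content, so it still fires when the sender sets the MIME type to `image/jpeg`.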

Cyborg Ransomware

The attached .jpg file is a malicious .NET downloader, designed by the hacker to put malware called Cyborg ransomware on your system. After the .jpg attachment is clicked, the hidden executable downloads a file called ‘bitcoingenerator.exe’.

Properties of Cyborg Ransomware bitcoingenerator.exe file

Once the Cyborg ransomware is installed on your PC, it starts encrypting all your files and adds 777 to their filenames. When it has finished encrypting, the malware leaves a ransom note with the file name ‘Cyborg_DECRYPT.txt’. Finally, the ransomware creates a copy of itself named ‘bot.exe’ in the root directory of the infected drive.

Here’s a statement from Trustwave:

“The Cyborg Ransomware can be created and spread by anyone who gets hold of the builder. It can be spammed using other themes and be attached in different forms to evade email gateways. Attackers can craft this ransomware to use a known ransomware file extension to mislead the infected user from the identity of this ransomware.”

What Should Users Do?

Keep in mind that Microsoft never sends updates by email. It only pushes updates to users through the Windows Update feature in Settings.

The best way to stay secure is not to trust any email that presents itself as an important Windows update. Avoid opening those emails and downloading the attachments they contain. Lastly, keeping your anti-virus software updated can also help detect infected files early on and deter malware such as the Cyborg ransomware from infecting your computer.

Images by Trustwave
