HomeWindowsBeware: Fake Windows Update Installs Cyborg Ransomware

Beware: Fake Windows Update Installs Cyborg Ransomware



BLACK FRIDAY DEALS 2022: Shop for trending Black Friday 2022 deals at Amazon or Walmart

Unsuspecting Windows users are at risk of the new spam email spreading like a wildfire. The fake email contains information about a critical Windows update. However, when users take the bait and click the link on the email, it will lead to Cyborg ransomware being installed on their computers. We know how nasty a ransomware is and we don’t want anything to do with it.


This suspicious modus operandi was uncovered by security researchers at Trustwave SpiderLabs. They were able to get hold of the builder, which can be used to create different variations of a malware.

DON’T MISS: Check out Malwarebytes, the cybersecurity software that crushes what others don’t

Another thing to note about this Windows security threat is that the attached file in the spam email is shown as a .jpg file format, however when clicked it opens as an .exe executable file.

The Cyborg Ransomware Email Attachment

Cyborg Ransomware

The attached .jpg file is a malicious .NET download which is designed by the hacker to inject a malware called Cyborg ransomware into your system. The hidden executable file will download a file called ‘bitcoingenerator.exe’ after the .jpg attachment is clicked.

Properties of Cyborg Ransomware bitcoingenerator.exe file

After the Cyborg ransomware is installed on your PC, it will then start encrypting all your files and add 777 to their filenames. Once done encrypting, the malware will leave a ransom note with the file name ‘Cyborg_DECRYPT.txt’. Finally, the ransomware creates a duplicate of itself named ‘bot.exe’ at the root directory of the infected drive.

Here’s a statement from Trustwave:

“The Cyborg Ransomware can be created and spread by anyone who gets hold of the builder. It can be spammed using other themes and be attached in different forms to evade email gateways. Attackers can craft this ransomware to use a known ransomware file extension to mislead the infected user from the identity of this ransomware,”

What Users Should Do?

Something to keep in mind, Microsoft never sends updates using emails. It only pushes updates to users through the Windows updates feature in the settings.

The best way to stay secured is not to trust any email that proposes itself with an important Windows update. Avoid opening those emails and downloading the attachments they contain. Lastly, updating your anti-virus software can also help detect infected files early on and deter malwares such as the Cyborg ransomware from infecting your computer.

Images by Trustwave

BLACK FRIDAY 2022: Check out these can’t be missed trending deals for Black Friday 2022.


More From

How do you Use the Scientific Calculator in Windows 10

Navigating through your Windows 10, you will see useful apps such as the Calculator. It can help you do simple calculations for any purpose....

How to Open Apple ProRAW & ProRes Files on Windows 10/11 PC

Taking photos or videos on your iPhones is as convenient as it goes. All you have to do is point and click to capture...

How to Add Family Members to Microsoft 365 Subscription Plan

Microsoft 365 subscription gives you access to cloud storage and premium Microsoft Office apps. You can use it on multiple devices including Windows 10...

How to Add or Change Google Homepage Background Image in Chrome

We are already used to the clean and simple homepage of the Google Chrome browser. You can see Google Search right away with your...


Please enter your comment!
Please enter your name here

Recent Articles

Stay Connected