HomeWindowsBeware: Fake Windows Update Installs Cyborg Ransomware

Beware: Fake Windows Update Installs Cyborg Ransomware



RECOMMENDED: Download this tool to help you safely fix common Windows errors & automatically optimize system performance

Unsuspecting Windows users are at risk of the new spam email spreading like a wildfire. The fake email contains information about a critical Windows update. However, when users take the bait and click the link on the email, it will lead to Cyborg ransomware being installed on their computers. We know how nasty a ransomware is and we don’t want anything to do with it.


This suspicious modus operandi was uncovered by security researchers at Trustwave SpiderLabs. They were able to get hold of the builder, which can be used to create different variations of a malware.

DON’T MISS: Check out Malwarebytes, the cybersecurity software that crushes what others don’t

Another thing to note about this Windows security threat is that the attached file in the spam email is shown as a .jpg file format, however when clicked it opens as an .exe executable file.

The Cyborg Ransomware Email Attachment

Cyborg Ransomware

The attached .jpg file is a malicious .NET download which is designed by the hacker to inject a malware called Cyborg ransomware into your system. The hidden executable file will download a file called ‘bitcoingenerator.exe’ after the .jpg attachment is clicked.

Properties of Cyborg Ransomware bitcoingenerator.exe file

After the Cyborg ransomware is installed on your PC, it will then start encrypting all your files and add 777 to their filenames. Once done encrypting, the malware will leave a ransom note with the file name ‘Cyborg_DECRYPT.txt’. Finally, the ransomware creates a duplicate of itself named ‘bot.exe’ at the root directory of the infected drive.

Here’s a statement from Trustwave:

“The Cyborg Ransomware can be created and spread by anyone who gets hold of the builder. It can be spammed using other themes and be attached in different forms to evade email gateways. Attackers can craft this ransomware to use a known ransomware file extension to mislead the infected user from the identity of this ransomware,”

What Users Should Do?

Something to keep in mind, Microsoft never sends updates using emails. It only pushes updates to users through the Windows updates feature in the settings.

The best way to stay secured is not to trust any email that proposes itself with an important Windows update. Avoid opening those emails and downloading the attachments they contain. Lastly, updating your anti-virus software can also help detect infected files early on and deter malwares such as the Cyborg ransomware from infecting your computer.

Images by Trustwave

STILL HAVING ISSUES? Try this tool to troubleshoot Windows errors and safely optimize system performance


More From

How to Set up and Use Metered Connection in Windows 10

Conserving bandwidth usage can help you maximize your data connection and make sure you are using only what you need. Windows 10 has an...

Fix Adobe Acrobat Reader Cannot Open PDF Files in Windows 10

Sending a PDF file enables us to transfer a document without the risk of other users altering the original data structure. It retains the...

How to Fix Search Bar Not Working Problem on Windows 11 PC

A computer shortcut can make things a lot easier for you. It may not always be the best solution, but using a shortcut on...

Configure your Windows Computer and Protect it from Malware

There are over 1 billion devices running Microsoft Windows. With such a huge number, there’s a probability that you also own a device with...


Please enter your comment!
Please enter your name here

Recent Articles

Stay Connected