Security Alert – Fake Windows Update Delivers Ransomware

Security blog, Threatpost warns of a SPAM email going around purporting to be a “critical Windows update” containing an attachment that installs the Cyborg ransomware.

The email has the following characteristics:

  • The subject line is two sentences saying, “Install Latest Microsoft Windows Update now! Critical Microsoft Windows Update!”
  • The email body contains just one sentence, “Please install the latest critical update from Microsoft attached to this email.”
  • The attachment has a .jpg file extension but is, in fact, an executable file that is approximately 28KB in size. The name of the file is randomized and changes with each attack.

The builder of this ransomware even hosted it on the developer platform, Github, where it can be downloaded by other hackers to create additional ransomware packages. Github was notified of the malware’s presence on their site.

Please note that Windows Updates are not delivered via email, and should you receive one, don’t open any of the attachments or click any link the email may contain.

To update your Operating System, use the Windows Update Settings on your PC. If your network is managed by an IT Managed Services Provider (MSP), you don’t need to worry about it because they’ll keep your system updated. Call your MSP with any questions.

Always be mindful when receiving emails, even if from a trusted organization. If you’re not expecting an email with an attachment or link, do not open the file or click on the link. Verify first.

 XSolutions is an Elite Partner of Datto, the world leader in Hybrid-Cloud Business Continuity solutions whose systems protect 460+ Petabytes of data with over 1400+ employees and 9 offices around the globe. Call (845) 362-9675 and let us introduce you to the ultimate defense against data loss—whatever the cause. Backup & Disaster Recovery | Business Continuity | Data Risk Assessment