Stories
Slash Boxes
Comments

SoylentNews is people

Windows Users, Beware: This Fake Update Could Lock Up Your PC, Or Worse

posted by martyb on Friday November 22 2019, @12:47AM   Printer-friendly
from the when-is-it-EVER-safe-to-click-an-e-mail-link? dept.

Arthur T Knackerbracket has found the following story:

With the end of support for Windows 7 coming in January, many users are looking to update to Windows 10 to continue getting security updates and support from Microsoft. According to a Tuesday report from security firm Trustwave, attackers are well aware of this and are targeting Microsoft users with fake Windows update emails that will infect computers with ransomware -- an especially sinister type of malware that locks up valuable data on your computer, and demands that you pay a ransom to release it or your data will be destroyed.

The spammers are sending some Windows users emails with subject lines "Install Latest Microsoft Windows Update now!" or "Critical Microsoft Windows Update!" The emails, which claim to be from Microsoft, include one sentence in the message body, which starts with two capital letters, Trustwave found. They ask recipients to click an attachment to download the "latest critical update."

The attachment has a .jpg file extension, but is actually a malicious .NET downloader, which will deliver malware to your machine. The ransomware, called bitcoingenerator.exe, encrypts the recipient's files, and leaves a ransom note titled "Cyborg_DECRYPT.txt" on their desktop, asking for $500 in bitcoin to unlock the files.

[...] "This is a very common type of phishing attack -- where the attacker tries to convince the target to open a malicious attachment," Karl Sigler, threat intelligence manager of Trustwave SpiderLabs, said in an email. "Windows users should understand that Microsoft will never send patches via email, but rather use their internal update utility embedded in every current Windows operating system. Users should always be wary of any unsolicited emails, especially those that present urgency to open attachments or click on links."

Original Submission

 
This discussion has been archived. No new comments can be posted.
Windows Users, Beware: This Fake Update Could Lock Up Your PC, Or Worse | Log In/Create an Account | Top | 30 comments | Search Discussion
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.

  • (Score: 5, Interesting) by stormwyrm on Friday November 22 2019, @06:48AM (1 child)

    by stormwyrm (717) on Friday November 22 2019, @06:48AM (#923333) Journal
    I first heard of malicious attachments being able to do this kind of thing more than thirty years ago when Windows first discovered the Internet. It's nearly 2020 and Windows still lets people get pwn3d in this time-honoured way‽ In contrast I don't think there's ever been news that Android users are getting pwn3d by malicious APKs in email attachments, though there are probably at least as many Android users as Windows users, so it's not a matter of "intelligence". Windows doesn't seem to take even the most basic steps to protect their more technically inept users, like forcing them jump through a number of hoops to enable use of executable code from foreign sources like email attachments, the way Android does. Dialogue boxes aren't enough: most people get way too many of those in the normal course of their interaction with their computer that they've learned to ignore what they say and just click "Yes" or "OK", and if agreeing to one of those does something very dangerous like run a random executable sent to them by some joker on the Internet then they are pwn3d. Much better to force people to dig into the settings to find an option to run a specific program they downloaded and let it run. That way, the people who actually know what they are doing can still do what they want, while the unwashed masses who generally don't really know what they are doing much of the time won't get pwn3d when something like this comes along.
    --
    Numquam ponenda est pluralitas sine necessitate.
    Starting Score:    1  point
    Moderation   +3  
       Insightful=1, Interesting=2, Total=3
    Extra 'Interesting' Modifier   0  
    Karma-Bonus Modifier   +1  
    Total Score:   5  

  • (Score: 2) by jmichaelhudsondotnet on Friday November 22 2019, @01:57PM

    by jmichaelhudsondotnet (8122) on Friday November 22 2019, @01:57PM (#923382) Journal

    Well said, see my response to evakreend.