This Windows 10 Upgrade Scam Holds Your Computer Files For Ransom

A new type of malware attack is on the loose, taking advantage of the recent Windows 10 release to spread its reach far and wide. According to a blog post by Cisco security researcher Nick Biasini, the attackers are using Microsoft’s latest version of Windows as a way of getting people to install the malware, which then goes off and wreaks havoc.

Carrying the notorious CTB-Locker payload that has been doing the rounds all year, this particular ransomware takes advantage of the fact that people need to join a virtual line in order to get their Windows 10 download, which has led some people to look for a way around Microsoft’s current system. That leaves those same people open to malware attacks, however. One in particular is delivered via spam email that claims to be from Microsoft and offers a quick way of getting the latest iteration of the tech giant’s desktop OS without having to join the aforementioned line. Once the user downloads and runs the attached executable, though, they receive a message saying that their data has been encrypted, with no way of getting that data back until a ransom is paid.


That ransom, according to Biasini, is often required to be paid in Bitcoin, which is harder for the authorities to trace. Add in the fact that the Tor network is used to anonymously communicate with a server that handles the transaction and things look grim for those infected. If they do pay up, though, the files are unlocked. If they don’t? Those same files are left permanently encrypted, meaning anything from important work documents to family photos could be gone for good.


Right now, the best way to protect yourself against this or similar attacks is to simply delete any such email. It’s also worth reminding everyone once again that running any executable file that has arrived in an email is almost always a bad idea, even if the sender does claim to be Microsoft.
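For readers who run their own mail filtering, here is an added illustration (not code from Cisco, Microsoft or the original report) of checking a message for executable attachments in Python, including ones tucked inside a ZIP. The sample message, its file names and the helper functions are all constructed for this example.

```python
import io
import zipfile
from email.message import EmailMessage

# Extensions Windows will run on a double-click (illustrative, not exhaustive).
RISKY_EXT = (".exe", ".scr", ".com", ".pif", ".bat", ".cmd", ".js", ".vbs")

def looks_executable(name, head):
    # A Windows PE file starts with "MZ" whatever the attachment is named.
    return head[:2] == b"MZ" or name.lower().endswith(RISKY_EXT)

def risky_attachments(msg):
    """Return names of attachments that are, or contain, executables.
    The From header is deliberately ignored: a sender name is trivial to forge."""
    found = []
    for part in msg.iter_attachments():
        name = part.get_filename() or "(unnamed)"
        data = part.get_payload(decode=True) or b""
        if looks_executable(name, data):
            found.append(name)
        elif data[:4] == b"PK\x03\x04":  # ZIP archive: look one level inside
            try:
                with zipfile.ZipFile(io.BytesIO(data)) as zf:
                    for info in zf.infolist():
                        try:
                            with zf.open(info) as fh:
                                head = fh.read(2)  # only the magic bytes
                        except (RuntimeError, NotImplementedError):
                            head = b""  # encrypted or unsupported entry
                        if looks_executable(info.filename, head):
                            found.append(f"{name}!{info.filename}")
            except zipfile.BadZipFile:
                found.append(f"{name} (unreadable archive)")
    return found

def build_sample():
    """Constructed message: a ZIP holding a fake .exe, plus a harmless PDF stub."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("setup-sample.exe", b"MZ" + b"\x00" * 62)
        zf.writestr("readme.txt", b"constructed sample")
    msg = EmailMessage()
    msg["From"] = "Microsoft <sender@example.test>"
    msg["Subject"] = "Constructed sample message"
    msg.set_content("Constructed body text.")
    msg.add_attachment(buf.getvalue(), maintype="application",
                       subtype="zip", filename="upgrade-sample.zip")
    msg.add_attachment(b"%PDF-1.4 constructed", maintype="application",
                       subtype="pdf", filename="notes-sample.pdf")
    return msg
```

A message that produces any result here is one to quarantine or delete rather than open.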

Stay safe out there, people, and be careful what you go double-clicking.

(Source: Cisco | Via: ZDNet)
