This problem started with users who started receiving emails with supposed Windows updates which they said were urgent. What happens is that these are not updates but a ransomware virus which was known as Cyborg.
Specifically, this virus is called Cyborg and this campaign was based on emails talking about a supposed urgent Windows update. These emails were sent in the process of updating to the Windows 10 November Update of course taking advantage of this date and it is that Windows will never send an update by email.
Trustwave’s SpiderLabs security inspectors were the ones who discovered this ransomware. And they began to give warnings such as ignoring and deleting these emails and of course not interacting with it since it would put your computer at risk.
What if you get infected with the Cyborg Ransomware
If a computer was compromised with this ransom, a “Cyborg_DECRYPT.txt” ransom note was left on the desktop of the compromised machine. The information provided in this txt file can be found in the bitcoingenerator.exe ransomware overlay and they were of course asking for a ransom with the payment of 500 bitcoins to get all your stolen information back.
The email that was sent was subject to “Install the latest Microsoft Windows update now!” There are variants that change a couple of words, remaining as “Critical Windows Update”. This in itself should be a suspicious indication, as Windows never sends updates by email. Since it does so through Windows Update, its update platform integrated into the same system.
Remember that the most important thing in cybersecurity is your own criteria and if you do not fall into these traps you will be safer from these types of malicious viruses.
Other reads:
Vovalex – Ransomware posing as Windows utilities
Ransomware – Cyber attacks to make you pay
[…] also:Cyborg Ransomware distributed through EmailVovalex – Ransomware posing as Windows […]