Attention! Fake Updates for Windows 10 contain malware

The official release of Windows 10 was a month ago, but hackers have been working hard to use the release of new operating system to their advantage. Experts from CISCO warn that for the users that have not yet upgraded to Windows 10, hackers launched a large email-campaign. Basically they are sending fake emails on behalf of Microsoft, offering a free upgrade to Windows 10. Apparently hackers couldn’t just stay away from the world hype, which was formed around the fact that anyone can get a free copy of Windows 10 for 1 year. Massive spam campaign detected by CISCO is very simple – millions of users are getting emails with the subject “Windows 10 Free Update”. Those emails appear as sent from update@microsoft.com. Most of the users think that it is a genuine mail, especially with very convincing disclaimer at the beginning and remark that it has been tested for viruses and dangerous content in the end of the message.

In fact, instead of a free upgrade hackers are sending a file called Win10Installer.zip, which contain the ransomware called CTB-LOCKER (Critroni). Once user extracted an archive, malware encrypts all of the files on the victim’s computer and will ask for ransom in order to unlock the computer. User will have 96 hours to pay the ransom. The worst part of this is that locker uses asymmetric encryption that can encrypt user’s data without making the decryption key on the victim’s computer. Simply speaking, you won’t be able to decrypt the data without paying to hackers.

In order to avoid the infection with this malware you should never open email attachments from suspicious senders and remember, Microsoft never sends updates by email.